List of usage examples for javax.servlet.http HttpServletRequest isUserInRole
public boolean isUserInRole(String role);
From source file:de.atomspace.webapp.core.SpringController.java
@RequestMapping(value = "/ingredient/{id}", method = RequestMethod.GET) public String getIngredientDetailPage(@PathVariable("id") String id, ModelMap model, HttpServletRequest request) { model.put("id", id); if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) { //FOR REALY USERS model.put("page", "ingredient/ingredient-detail.zul"); return "pages/index.jsp"; } else {/* w w w .j a v a2s. c om*/ //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support model.put("page", "ingredient/ingredient-detail.jsp"); List<String> list = new ArrayList<String>(); list.add("ROW01"); list.add("ROW02"); list.add("ROW03"); list.add("ROW04"); list.add("ROW05"); model.put("list", list); return "pages/index.jsp"; } }
From source file:de.atomspace.webapp.core.SpringController.java
@RequestMapping(value = "/cocktail/{id}", method = RequestMethod.GET) public String getCockailDetailPage(@PathVariable("id") String id, ModelMap model, HttpServletRequest request) { model.put("id", id); if (request.isUserInRole("ROLE_USER") || request.isUserInRole("ROLE_ADMIN")) { //FOR REALY USERS model.put("page", "cocktail/cocktail-detail.zul"); return "pages/index.jsp"; } else {/*from w w w . j av a 2 s .co m*/ //FOR SEO ROBOTs, anonymousUsers and no JavaScript-Support model.put("page", "cocktail/cocktail-detail.jsp"); List<String> list = new ArrayList<String>(); list.add("ROW01"); list.add("ROW02"); list.add("ROW03"); list.add("ROW04"); list.add("ROW05"); model.put("list", list); return "pages/index.jsp"; } }
From source file:fr.paris.lutece.plugins.mylutece.modules.openam.authentication.OpenamAuthentication.java
/** * Checks that the current user is associated to a given role * /* w ww . j ava 2s .c o m*/ * @param user * The user * @param request * The HTTP request * @param strRole * The role name * @return Returns true if the user is associated to the role, otherwise false */ @Override public boolean isUserInRole(LuteceUser user, HttpServletRequest request, String strRole) { return request.isUserInRole(strRole); }
From source file:org.ng200.openolympus.controller.solution.SolutionDownloadController.java
@PreAuthorize(SecurityExpressionConstants.IS_ADMIN + SecurityExpressionConstants.OR + '(' + SecurityExpressionConstants.IS_USER + SecurityExpressionConstants.AND + SecurityExpressionConstants.USER_IS_OWNER + SecurityExpressionConstants.AND + "@oolsec.isSolutionInCurrentContest(#solution)" + ')') @RequestMapping(method = RequestMethod.GET) public @ResponseBody ResponseEntity<FileSystemResource> solutionDownload(final HttpServletRequest request, final Model model, @RequestParam(value = "id") final Solution solution, final Principal principal) { if (principal == null || (!solution.getUser().getUsername().equals(principal.getName()) && !request.isUserInRole(Role.SUPERUSER))) { throw new InsufficientAuthenticationException( "You attempted to download a solution that doesn't belong to you!"); }/*w ww . java 2 s . co m*/ Assertions.resourceExists(solution); final HttpHeaders headers = new HttpHeaders(); headers.setContentDispositionFormData("attachment", this.storageService.getSolutionFile(solution).getFileName().toString()); return new ResponseEntity<FileSystemResource>( new FileSystemResource(this.storageService.getSolutionFile(solution).toFile()), headers, HttpStatus.OK); }
From source file:org.lamsfoundation.lams.admin.web.action.ThemeManagementAction.java
public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { // check permission if (!request.isUserInRole(Role.SYSADMIN)) { request.setAttribute("errorName", "RegisterAction"); request.setAttribute("errorMessage", AdminServiceProxy .getMessageService(getServlet().getServletContext()).getMessage("error.authorisation")); return mapping.findForward("error"); }/* w w w. j a va2s .c o m*/ if (themeService == null) { themeService = AdminServiceProxy.getThemeService(getServlet().getServletContext()); } // Get all the themes List<Theme> themes = themeService.getAllThemes(); // Flag the default and un-editable themes String currentCSSTheme = Configuration.get(ConfigurationKeys.DEFAULT_HTML_THEME); String currentFlashTheme = Configuration.get(ConfigurationKeys.DEFAULT_FLASH_THEME); for (Theme theme : themes) { theme.setCurrentDefaultTheme(Boolean.FALSE); if (theme.getName().equals(currentCSSTheme) || theme.getName().equals(currentFlashTheme)) { theme.setCurrentDefaultTheme(Boolean.TRUE); } theme.setNotEditable(Boolean.FALSE); if (theme.getName().equals(CSSThemeUtil.DEFAULT_HTML_THEME) || theme.getName().equals(CSSThemeUtil.DEFAULT_FLASH_THEME)) { theme.setNotEditable(Boolean.TRUE); } } request.setAttribute("themes", themes); return mapping.findForward("success"); }
From source file:org.lamsfoundation.lams.admin.web.action.CloneLessonsAction.java
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws UserAccessDeniedException { if (!(request.isUserInRole(Role.SYSADMIN))) { throw new UserAccessDeniedException(); }/* w w w. ja v a2 s .co m*/ List<String> errors = new ArrayList<String>(); try { userManagementService = AdminServiceProxy.getService(getServlet().getServletContext()); String method = WebUtil.readStrParam(request, "method", true); if (StringUtils.equals(method, "getGroups")) { return getGroups(mapping, form, request, response); } else if (StringUtils.equals(method, "getSubgroups")) { return getSubgroups(mapping, form, request, response); } else if (StringUtils.equals(method, "availableLessons")) { return availableLessons(mapping, form, request, response); } else if (StringUtils.equals(method, "selectStaff")) { return selectStaff(mapping, form, request, response); } else if (StringUtils.equals(method, "selectLearners")) { return selectLearners(mapping, form, request, response); } else if (StringUtils.equals(method, "clone")) { return clone(mapping, form, request, response); } } catch (Exception e) { e.printStackTrace(); errors.add(e.getMessage()); } request.setAttribute("errors", errors); // default action Integer groupId = WebUtil.readIntParam(request, "groupId", false); request.setAttribute("org", userManagementService.findById(Organisation.class, groupId)); return mapping.findForward("start"); }
From source file:org.ng200.openolympus.controller.user.SolutionStatusController.java
@RequestMapping(value = "/solution", method = RequestMethod.GET) public String viewSolutionStatus(final HttpServletRequest request, final Model model, @RequestParam(value = "id") final Solution solution, final Principal principal) { if (principal == null || (!solution.getUser().getUsername().equals(principal.getName()) && !request.isUserInRole(Role.SUPERUSER))) { throw new InsufficientAuthenticationException( "You attempted to view a solution that doesn't belong to you!"); }/* w w w .j a v a 2 s.c o m*/ this.assertSuperuserOrTaskAllowed(principal, solution.getTask()); model.addAttribute("solution", solution); final List<Verdict> verdicts = this.solutionService.getVerdicts(solution); model.addAttribute("completeScore", verdicts.stream().map((x) -> x.getScore()).reduce((x, y) -> x.add(y)).orElse(BigDecimal.ZERO)); model.addAttribute("completeMaximumScore", verdicts.stream().map((x) -> x.getMaximumScore()) .reduce((x, y) -> x.add(y)).orElse(BigDecimal.ZERO)); model.addAttribute("verdicts", verdicts.stream().sorted((l, r) -> Long.compare(l.getId(), r.getId())) .collect(Collectors.toList())); model.addAttribute("verdictMessageStrings", new HashMap<SolutionResult.Result, String>() { /** * */ private static final long serialVersionUID = 8526897014680785208L; { this.put(SolutionResult.Result.OK, "solution.result.ok"); this.put(SolutionResult.Result.TIME_LIMIT, "solution.result.timeLimit"); this.put(SolutionResult.Result.MEMORY_LIMIT, "solution.result.memoryLimit"); this.put(SolutionResult.Result.OUTPUT_LIMIT, "solution.result.outputLimit"); this.put(SolutionResult.Result.RUNTIME_ERROR, "solution.result.runtimeError"); this.put(SolutionResult.Result.INTERNAL_ERROR, "solution.result.internalError"); this.put(SolutionResult.Result.SECURITY_VIOLATION, "solution.result.securityViolation"); this.put(SolutionResult.Result.COMPILE_ERROR, "solution.result.compileError"); this.put(SolutionResult.Result.PRESENTATION_ERROR, "solution.result.presentationError"); this.put(SolutionResult.Result.WRONG_ANSWER, "solution.result.wrongAnswer"); } }); return "tasks/solution"; }
From source file:eu.europa.ec.fisheries.uvms.spatial.rest.resources.secured.UserAreaResource.java
private boolean isPowerUser(HttpServletRequest request) { return request.isUserInRole("MANAGE_ANY_USER_AREA"); }
From source file:pdl.web.controller.rest.RestMainController.java
@RequestMapping(value = "role", method = RequestMethod.GET) public @ResponseBody Map<String, Object> getRoles(HttpServletRequest req, Principal principal) { Map<String, Object> rtnJson = new HashMap<String, Object>(); rtnJson.put("hinder", req.isUserInRole("ROLE_ADMIN")); rtnJson.put("c_u", principal.getName()); return rtnJson; }
From source file:org.springframework.boot.actuate.endpoint.mvc.MvcEndpointSecurityInterceptor.java
private boolean isUserAllowedAccess(HttpServletRequest request) { AuthoritiesValidator authoritiesValidator = null; if (isSpringSecurityAvailable()) { authoritiesValidator = new AuthoritiesValidator(); }/* ww w .j a v a2 s . co m*/ for (String role : this.roles) { if (request.isUserInRole(role)) { return true; } if (authoritiesValidator != null && authoritiesValidator.hasAuthority(role)) { return true; } } return false; }