nl.gx.webmanager.authorization
Interface AuthorizationService

All Known Implementing Classes:

AuthorizationServiceImpl

public interface AuthorizationService

Provides access to check permissions.

Author:

arjans

Method Summary

boolean	checkAccess(java.lang.String permissionValue) Returns true if the owner of the current session has access for the given permission.
boolean	checkAccess(java.lang.String permissionValue, WorkflowEnabled workflowEnabledObject) Returns true if the owner of the current session has both the requested static RBAC authorization as well as the dynamic Workflow authorization according to the Workflow of the given Workflow enabled object.
boolean	checkAccess(java.lang.String permissionValue, WorkflowModel workflowModel) Returns true if the owner of the current session has both the requested static RBAC authorization as well as the auhorization to initiate the given Workflow model (in other words; to create a Workflow model instance from it) Returns false otherwise
boolean	checkComponent(java.lang.String permissionValue, int webid) This method checks if the component that corresponds to the given permission is enabled or not.
User	getCurrentUser() Returns the currently logged in user.
java.lang.String[]	getElementCreatePermission(java.lang.Class<? extends Element> elementClass) Returns the create RBAC permissions associated with this element.
java.lang.String[]	getElementDeletePermission(java.lang.Class<? extends Element> elementClass) Returns the Delete RBAC permission associated with this element.
User	getUserById(int id) Returns the user specified by the SiteWorks id.
User	getUserByUsername(java.lang.String username) Returns the user specified by a username.
boolean	login(java.lang.String username, java.lang.String password, javax.servlet.http.HttpServletRequest request) Logs in the given user with the given password for the given http servlet request
void	registerCreatePermissions(java.lang.Class<? extends Element> elementClass, Permission[] createPermissions) Called by element component type to register the create permissions registered by the element component definition
void	registerDeletePermissions(java.lang.Class<? extends Element> elementClass, Permission[] deletePermissions) Called by element component type to register the delete permissions registered by the element component definition
void	unregisterCreatePermissions(java.lang.Class<? extends Element> elementClass) Called by element component type to unregister the create permissions registered by the element component definition
void	unregisterDeletePermissions(java.lang.Class<? extends Element> elementClass) Called by element component type to unregister the delete permissions registered by the element component definition

Method Detail

checkAccess

boolean checkAccess(java.lang.String permissionValue)

Returns true if the owner of the current session has access for the given permission.

Parameters:

permissionValue - Value that uniquely identifies the permission to check.

Returns:

true If the owner of the current session is has access to given permission.

checkAccess

boolean checkAccess(java.lang.String permissionValue,
                    WorkflowEnabled workflowEnabledObject)

Returns true if the owner of the current session has both the requested static RBAC authorization as well as the dynamic Workflow authorization according to the Workflow of the given Workflow enabled object. Returns false otherwise.

Parameters:

permissionValue - RBAC authorization key to check authorization for.

workflowEnabledObject - Workflow enabled object to check Workflow authorization against.

Returns:

true if the owner of the current session has both static RBAC and dynamic Workflow authorization for the requested RBAC permission and Workflow context.

checkAccess

boolean checkAccess(java.lang.String permissionValue,
                    WorkflowModel workflowModel)

Returns true if the owner of the current session has both the requested static RBAC authorization as well as the auhorization to initiate the given Workflow model (in other words; to create a Workflow model instance from it) Returns false otherwise

Parameters:

permissionValue - RBAC authorization key to check authorization for

workflowEnabledObject - Workflow model to check Workflow authorization against

Returns:

true if the owner of the current session has both static RBAC and dynamic Workflow authorization to initiate the given Workflow model

checkComponent

boolean checkComponent(java.lang.String permissionValue,
                       int webid)

This method checks if the component that corresponds to the given permission is enabled or not. Note that if 'show_as_component' of the component category is false then this method will always return true; the component in that case cannot be disabled using the GUI.

Parameters:

permissionValue - Label of the permission to check component access for

Returns:

true if the component that belongs to the permission is either enabled in the GUI or has the 'show_as_component' option set to false.

registerCreatePermissions

void registerCreatePermissions(java.lang.Class<? extends Element> elementClass,
                               Permission[] createPermissions)

Called by element component type to register the create permissions registered by the element component definition

Parameters:

elementClass - Element class to register the create permissions for

createPermissions - Create permissions to register

unregisterCreatePermissions

void unregisterCreatePermissions(java.lang.Class<? extends Element> elementClass)

Called by element component type to unregister the create permissions registered by the element component definition

Parameters:

elementClass - Element class to unregister the create permissions for

registerDeletePermissions

void registerDeletePermissions(java.lang.Class<? extends Element> elementClass,
                               Permission[] deletePermissions)

Called by element component type to register the delete permissions registered by the element component definition

Parameters:

elementClass - Element class to register the delete permissions for

deletePermissions - Delete permissions to register

unregisterDeletePermissions

void unregisterDeletePermissions(java.lang.Class<? extends Element> elementClass)

Called by element component type to unregister the delete permissions registered by the element component definition

Parameters:

elementClass - Element class to unregister the delete permissions for

getElementCreatePermission

java.lang.String[] getElementCreatePermission(java.lang.Class<? extends Element> elementClass)

Returns the create RBAC permissions associated with this element. This is the permission that allows the user to create the element

Returns:

RBAC permission that grants create permission on this element

getElementDeletePermission

java.lang.String[] getElementDeletePermission(java.lang.Class<? extends Element> elementClass)

Returns the Delete RBAC permission associated with this element. This is the permission that allows the user to delete the element

Returns:

RBAC permission that grants delete permission on this element

login

boolean login(java.lang.String username,
              java.lang.String password,
              javax.servlet.http.HttpServletRequest request)

Logs in the given user with the given password for the given http servlet request

Parameters:

username - Username of the user

password - Password of the user

request - Current http servlet request

Returns:

true if login was successful, false otherwise

getCurrentUser

User getCurrentUser()

Returns the currently logged in user.

Returns:

the currently logged in user.

getUserById

User getUserById(int id)

Returns the user specified by the SiteWorks id.

Returns:

the user specified by the SiteWorks id.

getUserByUsername

User getUserByUsername(java.lang.String username)

Returns the user specified by a username.

Parameters:

username - Username to search for (case sensitive).

Returns:

User found or null if the user can not be found.