org.ametys.plugins.core.impl.right

Class AbstractHierarchicalAccessController<T>

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController

org.ametys.plugins.core.impl.right.AbstractHierarchicalAccessController<T>

Type Parameters:

T - The class of a supported object, from which you can retrieve its parent with _getParents(Object)

All Implemented Interfaces:

AccessController, LogEnabled, Component, Serviceable

Direct Known Subclasses:

ContentAccessController, ContentTypeAccessController, ODFContentHierarchicalAccessController, PageAccessController, ReferenceTableAccessController, ResourceAccessController, StringHierarchicalAccessController, SynchronizedContentAccessController, UserDirectoryContentAccessController

public abstract class AbstractHierarchicalAccessController<T>
extends AbstractProfileStorageBasedAccessController

Abstract AccessController for a hierarchical type of object.

Nested Class Summary

Nested classes/interfaces inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController

AbstractProfileStorageBasedAccessController.CacheKind

Nested classes/interfaces inherited from interface org.ametys.core.right.AccessController

AccessController.AccessResult

Field Summary

Fields inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController

__ANONYMOUS_USER_IDENTITY, __ANY_CONTECTED_USER_IDENTITY, _profileAssignmentStorageEP, _rightManager, _rightProfileDAO

Constructor Summary

Constructors

Constructor and Description
AbstractHierarchicalAccessController()

Method Summary

Modifier and Type	Method and Description
protected abstract Set<T>	_getParents(T object) Gets the parents of the object.
protected AccessController.AccessResult	_getPermission(UserIdentity user, Set<GroupIdentity> userGroups, Set<String> profilesIds, Object object, Object convertedObject) Works for getPermission or getReadAccessPermission
protected Map<GroupIdentity,AccessController.AccessResult>	_getPermissionByGroup(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionByGroup and getReadAccessPermissionByGroup
protected Map<UserIdentity,AccessController.AccessResult>	_getPermissionByUser(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionByUser and getReadAccessPermissionByUser
protected AccessController.AccessResult	_getPermissionForAnonymous(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionForAnonymous and getReadAccessPermissionForAnonymous
protected AccessController.AccessResult	_getPermissionForAnyConnectedUser(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionForAnyConnectedUser and getReadAccessPermissionForAnyConnectedUser
Map<String,AccessController.AccessResult>	getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Gets the kind of access a user has on an object for all rights

Methods inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController

_convertContext, _convertWorkspaceToRootRightContexts, _hasRightResultInFirstCache, _hasRightResultInSecondCache, _putInFirstCache, _putInSecondCache, getPermission, getPermissionByGroup, getPermissionByUser, getPermissionForAnonymous, getPermissionForAnyConnectedUser, getReadAccessPermission, getReadAccessPermissionByGroup, getReadAccessPermissionByUser, getReadAccessPermissionForAnonymous, getReadAccessPermissionForAnyConnectedUser, hasAnonymousAnyPermissionOnWorkspace, hasAnonymousAnyReadAccessPermissionOnWorkspace, hasAnyConnectedUserAnyPermissionOnWorkspace, hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace, hasUserAnyPermissionOnWorkspace, hasUserAnyReadAccessPermissionOnWorkspace, service

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.ametys.core.right.AccessController

isSupported

Constructor Detail

AbstractHierarchicalAccessController

public AbstractHierarchicalAccessController()

Method Detail

_getParents

protected abstract Set<T> _getParents(T object)

Gets the parents of the object. Must return null when the object is the "root" (where "root" means here the root of the hierarchy of the access controller)

Parameters:

object - The object

Returns:

the parents of the object, or null if the object is the "root" of the hierarchy

getPermissionByRight

public Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user,
                                                                      Set<GroupIdentity> userGroups,
                                                                      Object object)

Description copied from interface: AccessController

Gets the kind of access a user has on an object for all rights

Specified by:

getPermissionByRight in interface AccessController

Overrides:

getPermissionByRight in class AbstractProfileStorageBasedAccessController

Parameters:

user - The user. Cannot be null.

userGroups - The groups the user belongs to

object - The context object to check the access

Returns:

the kind of access a user has on an object for all rights

_getPermission

protected AccessController.AccessResult _getPermission(UserIdentity user,
                                                       Set<GroupIdentity> userGroups,
                                                       Set<String> profilesIds,
                                                       Object object,
                                                       Object convertedObject)

Description copied from class: AbstractProfileStorageBasedAccessController

Works for getPermission or getReadAccessPermission

Overrides:

_getPermission in class AbstractProfileStorageBasedAccessController

Parameters:

user - The use

userGroups - The groups

profilesIds - The profiles

object - The original context

convertedObject - The converted context

Returns:

the computed result

_getPermissionForAnonymous

protected AccessController.AccessResult _getPermissionForAnonymous(Set<String> profilesIds,
                                                                   Object object,
                                                                   Object convertedObject)

Description copied from class: AbstractProfileStorageBasedAccessController

Works for getPermissionForAnonymous and getReadAccessPermissionForAnonymous

Overrides:

_getPermissionForAnonymous in class AbstractProfileStorageBasedAccessController

Parameters:

profilesIds - The profiles ids

object - The context

convertedObject - The converted context

Returns:

The access result

_getPermissionForAnyConnectedUser

protected AccessController.AccessResult _getPermissionForAnyConnectedUser(Set<String> profilesIds,
                                                                          Object object,
                                                                          Object convertedObject)

Description copied from class: AbstractProfileStorageBasedAccessController

Works for getPermissionForAnyConnectedUser and getReadAccessPermissionForAnyConnectedUser

Overrides:

_getPermissionForAnyConnectedUser in class AbstractProfileStorageBasedAccessController

Parameters:

profilesIds - The profiles ids

object - The context

convertedObject - The converted context

Returns:

the access result

_getPermissionByUser

protected Map<UserIdentity,AccessController.AccessResult> _getPermissionByUser(Set<String> profilesIds,
                                                                               Object object,
                                                                               Object convertedObject)

Description copied from class: AbstractProfileStorageBasedAccessController

Works for getPermissionByUser and getReadAccessPermissionByUser

Overrides:

_getPermissionByUser in class AbstractProfileStorageBasedAccessController

Parameters:

profilesIds - The profiles ids

object - The context

convertedObject - The converted context

Returns:

The users and their access results

_getPermissionByGroup

protected Map<GroupIdentity,AccessController.AccessResult> _getPermissionByGroup(Set<String> profilesIds,
                                                                                 Object object,
                                                                                 Object convertedObject)

Description copied from class: AbstractProfileStorageBasedAccessController

Works for getPermissionByGroup and getReadAccessPermissionByGroup

Overrides:

_getPermissionByGroup in class AbstractProfileStorageBasedAccessController

Parameters:

profilesIds - The profiles ids

object - The context

convertedObject - The converted context

Returns:

The users and their access results