public class ThesaurusAccessController extends AbstractProfileStorageBasedAccessController implements Contextualizable
AccessController
for a thesaurus objects. The rights are checked on '/cms' context.
Read access is allowed to any connected user.AbstractProfileStorageBasedAccessController.CacheKind
AccessController.AccessResult
Modifier and Type | Field and Description |
---|---|
private static String |
__APPLICATION_RIGHT_CONTEXT
The right context for thesaurus
|
private ContentTypesHelper |
_contentTypeHelper |
private Context |
_context |
private ThesaurusDAO |
_thesaurusDAO |
__ANONYMOUS_USER_IDENTITY, __ANY_CONTECTED_USER_IDENTITY, _profileAssignmentStorageEP, _rightManager, _rightProfileDAO
Constructor and Description |
---|
ThesaurusAccessController() |
Modifier and Type | Method and Description |
---|---|
protected Object |
_convertContext(Object initialContext)
For methods getXXXXPermissionYYY allow to have a modification of the context before transfering it to the profile assignment storage extension point
The default implemenation keep the context as it is
|
private String |
_convertRightId(String rightId) |
protected Set<? extends Object> |
_convertWorkspaceToRootRightContexts(Set<Object> workspacesContexts)
Get the current workspaces contexts and turn it into root contexts in order to allow methods hasXXXAnyPermissionOnWorkspace to work
|
private String |
_getSiteName() |
void |
contextualize(Context context) |
AccessController.AccessResult |
getPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId,
Object object)
Gets the kind of access a user has on an object for a given right
|
Map<GroupIdentity,AccessController.AccessResult> |
getPermissionByGroup(String rightId,
Object object)
Gets the permission by group only on an object for the given right.
|
Map<String,AccessController.AccessResult> |
getPermissionByRight(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for all rights
|
Map<UserIdentity,AccessController.AccessResult> |
getPermissionByUser(String rightId,
Object object)
Gets the permission by user only on an object for the given right.
|
AccessController.AccessResult |
getPermissionForAnonymous(String rightId,
Object object)
Gets the permission for Anonymous only on an object for a given right
|
AccessController.AccessResult |
getPermissionForAnyConnectedUser(String rightId,
Object object)
Gets the permission for any connected user only on an object for a given right
|
AccessController.AccessResult |
getReadAccessPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for thye read access
|
Map<GroupIdentity,AccessController.AccessResult> |
getReadAccessPermissionByGroup(Object object)
Gets the read access permission by group only on an object.
|
Map<UserIdentity,AccessController.AccessResult> |
getReadAccessPermissionByUser(Object object)
Gets the read access permission by user only on an object.
|
AccessController.AccessResult |
getReadAccessPermissionForAnonymous(Object object)
Gets the read access permission for Anonymous only on an object
|
AccessController.AccessResult |
getReadAccessPermissionForAnyConnectedUser(Object object)
Gets the read access permission for any connected user only on an object
|
boolean |
isSupported(Object object)
Returns true if this access controller supports the given object
|
void |
service(ServiceManager manager) |
_getPermission, _getPermissionByGroup, _getPermissionByUser, _getPermissionForAnonymous, _getPermissionForAnyConnectedUser, _hasRightResultInFirstCache, _hasRightResultInSecondCache, _putInFirstCache, _putInSecondCache, hasAnonymousAnyPermissionOnWorkspace, hasAnonymousAnyReadAccessPermissionOnWorkspace, hasAnyConnectedUserAnyPermissionOnWorkspace, hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace, hasUserAnyPermissionOnWorkspace, hasUserAnyReadAccessPermissionOnWorkspace
getLogger, setLogger
private static final String __APPLICATION_RIGHT_CONTEXT
private ContentTypesHelper _contentTypeHelper
private ThesaurusDAO _thesaurusDAO
public ThesaurusAccessController()
public void contextualize(Context context) throws ContextException
contextualize
in interface Contextualizable
ContextException
public void service(ServiceManager manager) throws ServiceException
service
in interface Serviceable
service
in class AbstractProfileStorageBasedAccessController
ServiceException
public boolean isSupported(Object object)
AccessController
isSupported
in interface AccessController
object
- The object to testprotected Object _convertContext(Object initialContext)
AbstractProfileStorageBasedAccessController
_convertContext
in class AbstractProfileStorageBasedAccessController
initialContext
- The right context that is supportedprivate String _convertRightId(String rightId)
public AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
AccessController
getPermission
in interface AccessController
getPermission
in class AbstractProfileStorageBasedAccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs torightId
- The id of the right of the userobject
- The context object to check the accesspublic AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getReadAccessPermission
in interface AccessController
getReadAccessPermission
in class AbstractProfileStorageBasedAccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getPermissionByRight
in interface AccessController
getPermissionByRight
in class AbstractProfileStorageBasedAccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic AccessController.AccessResult getPermissionForAnonymous(String rightId, Object object)
AccessController
getPermissionForAnonymous
in interface AccessController
getPermissionForAnonymous
in class AbstractProfileStorageBasedAccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)
AccessController
getReadAccessPermissionForAnonymous
in interface AccessController
getReadAccessPermissionForAnonymous
in class AbstractProfileStorageBasedAccessController
object
- The objectpublic AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
AccessController
getPermissionForAnyConnectedUser
in interface AccessController
getPermissionForAnyConnectedUser
in class AbstractProfileStorageBasedAccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
AccessController
getReadAccessPermissionForAnyConnectedUser
in interface AccessController
getReadAccessPermissionForAnyConnectedUser
in class AbstractProfileStorageBasedAccessController
object
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object)
AccessController
getPermissionByUser
in interface AccessController
getPermissionByUser
in class AbstractProfileStorageBasedAccessController
rightId
- The id of the right to checkobject
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)
AccessController
getReadAccessPermissionByGroup
in interface AccessController
getReadAccessPermissionByGroup
in class AbstractProfileStorageBasedAccessController
object
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)
AccessController
getReadAccessPermissionByUser
in interface AccessController
getReadAccessPermissionByUser
in class AbstractProfileStorageBasedAccessController
object
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object)
AccessController
getPermissionByGroup
in interface AccessController
getPermissionByGroup
in class AbstractProfileStorageBasedAccessController
rightId
- The id of the right to checkobject
- The objectprotected Set<? extends Object> _convertWorkspaceToRootRightContexts(Set<Object> workspacesContexts)
AbstractProfileStorageBasedAccessController
_convertWorkspaceToRootRightContexts
in class AbstractProfileStorageBasedAccessController
workspacesContexts
- The workspace contexts. Such as '/${WorkspaceName}', '/admin'private String _getSiteName()