public class ThesaurusAccessController extends AbstractProfileStorageBasedAccessController implements Contextualizable
AccessController for a thesaurus objects. The rights are checked on '/cms' context.
Read access is allowed to any connected user.AbstractProfileStorageBasedAccessController.CacheKindAccessController.AccessResult| Modifier and Type | Field and Description |
|---|---|
private static String |
__APPLICATION_RIGHT_CONTEXT
The right context for thesaurus
|
private ContentTypesHelper |
_contentTypeHelper |
private Context |
_context |
private ThesaurusDAO |
_thesaurusDAO |
__ANONYMOUS_USER_IDENTITY, __ANY_CONTECTED_USER_IDENTITY, _profileAssignmentStorageEP, _rightManager, _rightProfileDAO| Constructor and Description |
|---|
ThesaurusAccessController() |
| Modifier and Type | Method and Description |
|---|---|
protected Object |
_convertContext(Object initialContext)
For methods getXXXXPermissionYYY allow to have a modification of the context before transfering it to the profile assignment storage extension point
The default implemenation keep the context as it is
|
private String |
_convertRightId(String rightId) |
protected Set<? extends Object> |
_convertWorkspaceToRootRightContexts(Set<Object> workspacesContexts)
Get the current workspaces contexts and turn it into root contexts in order to allow methods hasXXXAnyPermissionOnWorkspace to work
|
private String |
_getSiteName() |
void |
contextualize(Context context) |
AccessController.AccessResult |
getPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId,
Object object)
Gets the kind of access a user has on an object for a given right
|
Map<GroupIdentity,AccessController.AccessResult> |
getPermissionByGroup(String rightId,
Object object)
Gets the permission by group only on an object for the given right.
|
Map<String,AccessController.AccessResult> |
getPermissionByRight(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for all rights
|
Map<UserIdentity,AccessController.AccessResult> |
getPermissionByUser(String rightId,
Object object)
Gets the permission by user only on an object for the given right.
|
AccessController.AccessResult |
getPermissionForAnonymous(String rightId,
Object object)
Gets the permission for Anonymous only on an object for a given right
|
AccessController.AccessResult |
getPermissionForAnyConnectedUser(String rightId,
Object object)
Gets the permission for any connected user only on an object for a given right
|
AccessController.AccessResult |
getReadAccessPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for thye read access
|
Map<GroupIdentity,AccessController.AccessResult> |
getReadAccessPermissionByGroup(Object object)
Gets the read access permission by group only on an object.
|
Map<UserIdentity,AccessController.AccessResult> |
getReadAccessPermissionByUser(Object object)
Gets the read access permission by user only on an object.
|
AccessController.AccessResult |
getReadAccessPermissionForAnonymous(Object object)
Gets the read access permission for Anonymous only on an object
|
AccessController.AccessResult |
getReadAccessPermissionForAnyConnectedUser(Object object)
Gets the read access permission for any connected user only on an object
|
boolean |
isSupported(Object object)
Returns true if this access controller supports the given object
|
void |
service(ServiceManager manager) |
_getPermission, _getPermissionByGroup, _getPermissionByUser, _getPermissionForAnonymous, _getPermissionForAnyConnectedUser, _hasRightResultInFirstCache, _hasRightResultInSecondCache, _putInFirstCache, _putInSecondCache, hasAnonymousAnyPermissionOnWorkspace, hasAnonymousAnyReadAccessPermissionOnWorkspace, hasAnyConnectedUserAnyPermissionOnWorkspace, hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace, hasUserAnyPermissionOnWorkspace, hasUserAnyReadAccessPermissionOnWorkspacegetLogger, setLoggerprivate static final String __APPLICATION_RIGHT_CONTEXT
private ContentTypesHelper _contentTypeHelper
private ThesaurusDAO _thesaurusDAO
public ThesaurusAccessController()
public void contextualize(Context context) throws ContextException
contextualize in interface ContextualizableContextExceptionpublic void service(ServiceManager manager) throws ServiceException
service in interface Serviceableservice in class AbstractProfileStorageBasedAccessControllerServiceExceptionpublic boolean isSupported(Object object)
AccessControllerisSupported in interface AccessControllerobject - The object to testprotected Object _convertContext(Object initialContext)
AbstractProfileStorageBasedAccessController_convertContext in class AbstractProfileStorageBasedAccessControllerinitialContext - The right context that is supportedprivate String _convertRightId(String rightId)
public AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
AccessControllergetPermission in interface AccessControllergetPermission in class AbstractProfileStorageBasedAccessControlleruser - The user. Cannot be null.userGroups - The groups the user belongs torightId - The id of the right of the userobject - The context object to check the accesspublic AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessControllergetReadAccessPermission in interface AccessControllergetReadAccessPermission in class AbstractProfileStorageBasedAccessControlleruser - The user. Cannot be null.userGroups - The groups the user belongs toobject - The context object to check the accesspublic Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessControllergetPermissionByRight in interface AccessControllergetPermissionByRight in class AbstractProfileStorageBasedAccessControlleruser - The user. Cannot be null.userGroups - The groups the user belongs toobject - The context object to check the accesspublic AccessController.AccessResult getPermissionForAnonymous(String rightId, Object object)
AccessControllergetPermissionForAnonymous in interface AccessControllergetPermissionForAnonymous in class AbstractProfileStorageBasedAccessControllerrightId - The id of the right to checkobject - The objectpublic AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)
AccessControllergetReadAccessPermissionForAnonymous in interface AccessControllergetReadAccessPermissionForAnonymous in class AbstractProfileStorageBasedAccessControllerobject - The objectpublic AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
AccessControllergetPermissionForAnyConnectedUser in interface AccessControllergetPermissionForAnyConnectedUser in class AbstractProfileStorageBasedAccessControllerrightId - The id of the right to checkobject - The objectpublic AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
AccessControllergetReadAccessPermissionForAnyConnectedUser in interface AccessControllergetReadAccessPermissionForAnyConnectedUser in class AbstractProfileStorageBasedAccessControllerobject - The objectpublic Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object)
AccessControllergetPermissionByUser in interface AccessControllergetPermissionByUser in class AbstractProfileStorageBasedAccessControllerrightId - The id of the right to checkobject - The objectpublic Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)
AccessControllergetReadAccessPermissionByGroup in interface AccessControllergetReadAccessPermissionByGroup in class AbstractProfileStorageBasedAccessControllerobject - The objectpublic Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)
AccessControllergetReadAccessPermissionByUser in interface AccessControllergetReadAccessPermissionByUser in class AbstractProfileStorageBasedAccessControllerobject - The objectpublic Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object)
AccessControllergetPermissionByGroup in interface AccessControllergetPermissionByGroup in class AbstractProfileStorageBasedAccessControllerrightId - The id of the right to checkobject - The objectprotected Set<? extends Object> _convertWorkspaceToRootRightContexts(Set<Object> workspacesContexts)
AbstractProfileStorageBasedAccessController_convertWorkspaceToRootRightContexts in class AbstractProfileStorageBasedAccessControllerworkspacesContexts - The workspace contexts. Such as '/${WorkspaceName}', '/admin'private String _getSiteName()