public class BPMAccessController extends Object implements AccessController, Serviceable
AccessController.AccessResult
Modifier and Type | Field and Description |
---|---|
private BPMWorkflowManager |
_bpmWorkflowManager |
private CurrentUserProvider |
_currentUserProvider |
private AmetysObjectResolver |
_resolver |
private static String |
BPM_WORKFLOWS_PATH |
Constructor and Description |
---|
BPMAccessController() |
Modifier and Type | Method and Description |
---|---|
AccessController.AccessResult |
getPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId,
Object object)
Gets the kind of access a user has on an object for a given right
|
Map<GroupIdentity,AccessController.AccessResult> |
getPermissionByGroup(String rightId,
Object object)
Gets the permission by group only on an object for the given right.
|
Map<String,AccessController.AccessResult> |
getPermissionByRight(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for all rights
|
Map<UserIdentity,AccessController.AccessResult> |
getPermissionByUser(String rightId,
Object object)
Gets the permission by user only on an object for the given right.
|
AccessController.AccessResult |
getPermissionForAnonymous(String rightId,
Object object)
Gets the permission for Anonymous only on an object for a given right
|
AccessController.AccessResult |
getPermissionForAnyConnectedUser(String rightId,
Object object)
Gets the permission for any connected user only on an object for a given right
|
AccessController.AccessResult |
getReadAccessPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for thye read access
|
Map<GroupIdentity,AccessController.AccessResult> |
getReadAccessPermissionByGroup(Object object)
Gets the read access permission by group only on an object.
|
Map<UserIdentity,AccessController.AccessResult> |
getReadAccessPermissionByUser(Object object)
Gets the read access permission by user only on an object.
|
AccessController.AccessResult |
getReadAccessPermissionForAnonymous(Object object)
Gets the read access permission for Anonymous only on an object
|
AccessController.AccessResult |
getReadAccessPermissionForAnyConnectedUser(Object object)
Gets the read access permission for any connected user only on an object
|
boolean |
hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
String rightId)
Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
String rightId)
Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId)
Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts,
UserIdentity user,
Set<GroupIdentity> userGroups)
Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
isSupported(Object object)
Returns true if this access controller supports the given object
|
void |
service(ServiceManager manager) |
private static final String BPM_WORKFLOWS_PATH
private CurrentUserProvider _currentUserProvider
private BPMWorkflowManager _bpmWorkflowManager
private AmetysObjectResolver _resolver
public BPMAccessController()
public void service(ServiceManager manager) throws ServiceException
service
in interface Serviceable
ServiceException
public boolean isSupported(Object object)
AccessController
isSupported
in interface AccessController
object
- The object to testpublic AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
AccessController
getPermission
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs torightId
- The id of the right of the userobject
- The context object to check the accesspublic AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getReadAccessPermission
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getPermissionByRight
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic AccessController.AccessResult getPermissionForAnonymous(String rightId, Object object)
AccessController
getPermissionForAnonymous
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)
AccessController
getReadAccessPermissionForAnonymous
in interface AccessController
object
- The objectpublic AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
AccessController
getPermissionForAnyConnectedUser
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
AccessController
getReadAccessPermissionForAnyConnectedUser
in interface AccessController
object
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object)
AccessController
getPermissionByUser
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)
AccessController
getReadAccessPermissionByUser
in interface AccessController
object
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object)
AccessController
getPermissionByGroup
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)
AccessController
getReadAccessPermissionByGroup
in interface AccessController
object
- The objectpublic boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
AccessController
hasUserAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groupspublic boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
AccessController
hasUserAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groupsrightId
- The id of the right to checkpublic boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
AccessController
hasAnonymousAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
AccessController
hasAnonymousAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to checkpublic boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
AccessController
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
AccessController
hasAnyConnectedUserAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to check