public class AdminAccessController extends Object implements AccessController, Serviceable
AccessController.AccessResult
Modifier and Type | Field and Description |
---|---|
protected RightsExtensionPoint |
_rightsExtensionPoint
The rights extension point
|
protected UserManager |
_userManager
The user manager
|
static String |
ADMIN_RIGHT_CONTEXT
The right context for administration area
|
Constructor and Description |
---|
AdminAccessController() |
Modifier and Type | Method and Description |
---|---|
AccessController.AccessResult |
getPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId,
Object object)
Gets the kind of access a user has on an object for a given right
|
Map<GroupIdentity,AccessController.AccessResult> |
getPermissionByGroup(String rightId,
Object object)
Gets the permission by group only on an object for the given right.
|
Map<String,AccessController.AccessResult> |
getPermissionByRight(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for all rights
|
Map<UserIdentity,AccessController.AccessResult> |
getPermissionByUser(String rightId,
Object object)
Gets the permission by user only on an object for the given right.
|
AccessController.AccessResult |
getPermissionForAnonymous(String rightId,
Object object)
Gets the permission for Anonymous only on an object for a given right
|
AccessController.AccessResult |
getPermissionForAnyConnectedUser(String rightId,
Object object)
Gets the permission for any connected user only on an object for a given right
|
AccessController.AccessResult |
getReadAccessPermission(UserIdentity user,
Set<GroupIdentity> userGroups,
Object object)
Gets the kind of access a user has on an object for thye read access
|
Map<GroupIdentity,AccessController.AccessResult> |
getReadAccessPermissionByGroup(Object object)
Gets the read access permission by group only on an object.
|
Map<UserIdentity,AccessController.AccessResult> |
getReadAccessPermissionByUser(Object object)
Gets the read access permission by user only on an object.
|
AccessController.AccessResult |
getReadAccessPermissionForAnonymous(Object object)
Gets the read access permission for Anonymous only on an object
|
AccessController.AccessResult |
getReadAccessPermissionForAnyConnectedUser(Object object)
Gets the read access permission for any connected user only on an object
|
boolean |
hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
String rightId)
Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
String rightId)
Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
UserIdentity user,
Set<GroupIdentity> userGroups,
String rightId)
Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts,
UserIdentity user,
Set<GroupIdentity> userGroups)
Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
|
boolean |
isSupported(Object object)
Returns true if this access controller supports the given object
|
void |
service(ServiceManager manager) |
public static final String ADMIN_RIGHT_CONTEXT
protected RightsExtensionPoint _rightsExtensionPoint
protected UserManager _userManager
public AdminAccessController()
public void service(ServiceManager manager) throws ServiceException
service
in interface Serviceable
ServiceException
public AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
AccessController
getPermission
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs torightId
- The id of the right of the userobject
- The context object to check the accesspublic AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getReadAccessPermission
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
AccessController
getPermissionByRight
in interface AccessController
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the accesspublic AccessController.AccessResult getPermissionForAnonymous(String rightId, Object object)
AccessController
getPermissionForAnonymous
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)
AccessController
getReadAccessPermissionForAnonymous
in interface AccessController
object
- The objectpublic AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
AccessController
getPermissionForAnyConnectedUser
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
AccessController
getReadAccessPermissionForAnyConnectedUser
in interface AccessController
object
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object)
AccessController
getPermissionByUser
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)
AccessController
getReadAccessPermissionByUser
in interface AccessController
object
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object)
AccessController
getPermissionByGroup
in interface AccessController
rightId
- The id of the right to checkobject
- The objectpublic Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)
AccessController
getReadAccessPermissionByGroup
in interface AccessController
object
- The objectpublic boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
AccessController
hasUserAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groupspublic boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
AccessController
hasUserAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groupsrightId
- The id of the right to checkpublic boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
AccessController
hasAnonymousAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
AccessController
hasAnonymousAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to checkpublic boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
AccessController
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
AccessController
hasAnyConnectedUserAnyPermissionOnWorkspace
in interface AccessController
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to checkpublic boolean isSupported(Object object)
AccessController
isSupported
in interface AccessController
object
- The object to test