Package org.ametys.plugins.workspaces.wall

Class WallContentAccessController

java.lang.Object

org.ametys.plugins.workspaces.wall.WallContentAccessController

All Implemented Interfaces:

AccessController, Serviceable

public class WallContentAccessController
extends Object
implements AccessController, Serviceable

AccessController for a wall content

Nested Class Summary

Nested classes/interfaces inherited from interface org.ametys.core.right.AccessController

AccessController.AccessResult

Field Summary

Fields

Modifier and Type	Field	Description
private static List<String>	__AUTHOR_RIGHTS
private static String	__BO_EDITION_RIGHT_ID
private static String	__DELETION_RIGHT_ID
private static String	__FO_EDITION_RIGHT_ID
private static List<String>	__KNOWN_RIGHTS
private AccessControllerExtensionPoint	_accessControllerExtensionPoint
private ContentTypesHelper	_cTypeHelper
private static String	_DELETE_SUPER_RIGHT
private static String	_EDIT_SUPER_RIGHT
private static String	_PIN_SUPER_RIGHT
private AccessController	_projectAccessController
private ProjectManager	_projectManager
private AccessController	_workspaceAccessController

Constructor Summary

Constructors

Constructor	Description
WallContentAccessController()

Method Summary

Modifier and Type	Method	Description
private String	_convertRightToSuperRight(String rightId)
private AccessController	_getProjectAccessController()
private List<Project>	_getProjects(Object object)
private AccessController	_getWorkspaceAccessController()
AccessController.AccessResult	getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)	Gets the kind of access a user has on an object for a given right
Map<GroupIdentity,AccessController.AccessResult>	getPermissionByGroup(String rightId, Object object)	Gets the permission by group only on an object for the given right.
Map<String,AccessController.AccessResult>	getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)	Gets the kind of access a user has on an object for all rights
Map<UserIdentity,AccessController.AccessResult>	getPermissionByUser(String rightId, Object object)	Gets the permission by user only on an object for the given right.
AccessController.AccessResult	getPermissionForAnonymous(String rightId, Object object)	Gets the permission for Anonymous only on an object for a given right
AccessController.AccessResult	getPermissionForAnyConnectedUser(String rightId, Object object)	Gets the permission for any connected user only on an object for a given right
AccessController.AccessResult	getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)	Gets the kind of access a user has on an object for thye read access
Map<GroupIdentity,AccessController.AccessResult>	getReadAccessPermissionByGroup(Object object)	Gets the read access permission by group only on an object.
Map<UserIdentity,AccessController.AccessResult>	getReadAccessPermissionByUser(Object object)	Gets the read access permission by user only on an object.
AccessController.AccessResult	getReadAccessPermissionForAnonymous(Object object)	Gets the read access permission for Anonymous only on an object
AccessController.AccessResult	getReadAccessPermissionForAnyConnectedUser(Object object)	Gets the read access permission for any connected user only on an object
boolean	hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)	Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)	Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)	Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)	Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)	Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)	Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.
boolean	isSupported(Object object)	Returns true if this access controller supports the given object
void	service(ServiceManager smanager)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_EDIT_SUPER_RIGHT

private static final String _EDIT_SUPER_RIGHT

See Also:

Constant Field Values

_DELETE_SUPER_RIGHT

private static final String _DELETE_SUPER_RIGHT

See Also:

Constant Field Values

_PIN_SUPER_RIGHT

private static final String _PIN_SUPER_RIGHT

See Also:

Constant Field Values

__FO_EDITION_RIGHT_ID

private static final String __FO_EDITION_RIGHT_ID

See Also:

Constant Field Values

__BO_EDITION_RIGHT_ID

private static final String __BO_EDITION_RIGHT_ID

See Also:

Constant Field Values

__DELETION_RIGHT_ID

private static final String __DELETION_RIGHT_ID

See Also:

Constant Field Values

__AUTHOR_RIGHTS

private static final List<String> __AUTHOR_RIGHTS

__KNOWN_RIGHTS

private static final List<String> __KNOWN_RIGHTS

_cTypeHelper

private ContentTypesHelper _cTypeHelper

_projectManager

private ProjectManager _projectManager

_accessControllerExtensionPoint

private AccessControllerExtensionPoint _accessControllerExtensionPoint

_projectAccessController

private AccessController _projectAccessController

_workspaceAccessController

private AccessController _workspaceAccessController

Constructor Detail

WallContentAccessController

public WallContentAccessController()

Method Detail

service

public void service(ServiceManager smanager)
             throws ServiceException

Specified by:

service in interface Serviceable

Throws:

ServiceException

isSupported

public boolean isSupported(Object object)

Description copied from interface: AccessController

Returns true if this access controller supports the given object

Specified by:

isSupported in interface AccessController

Parameters:

object - The object to test

Returns:

true if this access controller supports the given object

_getProjectAccessController

private AccessController _getProjectAccessController()

_getWorkspaceAccessController

private AccessController _getWorkspaceAccessController()

getPermission

public AccessController.AccessResult getPermission(UserIdentity user,
                                                   Set<GroupIdentity> userGroups,
                                                   String rightId,
                                                   Object object)

Description copied from interface: AccessController

Gets the kind of access a user has on an object for a given right

Specified by:

getPermission in interface AccessController

Parameters:

user - The user. Cannot be null.

userGroups - The groups the user belongs to

rightId - The id of the right of the user

object - The context object to check the access

Returns:

the kind of access a user has on an object for a right

_convertRightToSuperRight

private String _convertRightToSuperRight(String rightId)

getReadAccessPermission

public AccessController.AccessResult getReadAccessPermission(UserIdentity user,
                                                             Set<GroupIdentity> userGroups,
                                                             Object object)

Description copied from interface: AccessController

Gets the kind of access a user has on an object for thye read access

Specified by:

getReadAccessPermission in interface AccessController

Parameters:

user - The user. Cannot be null.

userGroups - The groups the user belongs to

object - The context object to check the access

Returns:

the kind of access a user has on an object for the read access

getPermissionByRight

public Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user,
                                                                            Set<GroupIdentity> userGroups,
                                                                            Object object)

Description copied from interface: AccessController

Gets the kind of access a user has on an object for all rights

Specified by:

getPermissionByRight in interface AccessController

Parameters:

user - The user. Cannot be null.

userGroups - The groups the user belongs to

object - The context object to check the access

Returns:

the kind of access a user has on an object for all rights

getPermissionForAnonymous

public AccessController.AccessResult getPermissionForAnonymous(String rightId,
                                                               Object object)

Description copied from interface: AccessController

Gets the permission for Anonymous only on an object for a given right

Specified by:

getPermissionForAnonymous in interface AccessController

Parameters:

rightId - The id of the right to check

object - The object

Returns:

the permission for Anonymous only on an object for a given right

getReadAccessPermissionForAnonymous

public AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)

Description copied from interface: AccessController

Gets the read access permission for Anonymous only on an object

Specified by:

getReadAccessPermissionForAnonymous in interface AccessController

Parameters:

object - The object

Returns:

the read access permission for Anonymous only on an object

getPermissionForAnyConnectedUser

public AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId,
                                                                      Object object)

Description copied from interface: AccessController

Gets the permission for any connected user only on an object for a given right

Specified by:

getPermissionForAnyConnectedUser in interface AccessController

Parameters:

rightId - The id of the right to check

object - The object

Returns:

the permission for any connected user only on an object for a given right

getReadAccessPermissionForAnyConnectedUser

public AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)

Description copied from interface: AccessController

Gets the read access permission for any connected user only on an object

Specified by:

getReadAccessPermissionForAnyConnectedUser in interface AccessController

Parameters:

object - The object

Returns:

the read access permission for any connected user only on an object

getPermissionByUser

public Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId,
                                                                                 Object object)

Description copied from interface: AccessController

Gets the permission by user only on an object for the given right. It does not take account of the groups of the user, etc.

Specified by:

getPermissionByUser in interface AccessController

Parameters:

rightId - The id of the right to check

object - The object

Returns:

the permission by user only on an object for the given right

getReadAccessPermissionByUser

public Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)

Description copied from interface: AccessController

Gets the read access permission by user only on an object. It does not take account of the groups of the user, etc.

Specified by:

getReadAccessPermissionByUser in interface AccessController

Parameters:

object - The object

Returns:

the read access permission by user only on an object

getPermissionByGroup

public Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId,
                                                                                   Object object)

Description copied from interface: AccessController

Gets the permission by group only on an object for the given right.

Specified by:

getPermissionByGroup in interface AccessController

Parameters:

rightId - The id of the right to check

object - The object

Returns:

the permission by group only on an object for the given right

getReadAccessPermissionByGroup

public Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)

Description copied from interface: AccessController

Gets the read access permission by group only on an object.

Specified by:

getReadAccessPermissionByGroup in interface AccessController

Parameters:

object - The object

Returns:

the read access permission by group only on an object

hasUserAnyPermissionOnWorkspace

public boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
                                               UserIdentity user,
                                               Set<GroupIdentity> userGroups,
                                               String rightId)

Description copied from interface: AccessController

Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasUserAnyPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

user - The user

userGroups - The groups

rightId - The id of the right to check

Returns:

true if the user has a permission on at least one object, directly or though groups, for a given right

hasUserAnyReadAccessPermissionOnWorkspace

public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts,
                                                         UserIdentity user,
                                                         Set<GroupIdentity> userGroups)

Description copied from interface: AccessController

Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasUserAnyReadAccessPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

user - The user

userGroups - The groups

Returns:

true if the user has a permission on at least one object, directly or though groups, for a given right

hasAnonymousAnyPermissionOnWorkspace

public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
                                                    String rightId)

Description copied from interface: AccessController

Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasAnonymousAnyPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

rightId - The id of the right to check

Returns:

true if anonymous has a permission on at least one object, directly or though groups, for a given right

hasAnonymousAnyReadAccessPermissionOnWorkspace

public boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)

Description copied from interface: AccessController

Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasAnonymousAnyReadAccessPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

Returns:

true if anonymous has a permission on at least one object, directly or though groups, for a given right

hasAnyConnectedUserAnyPermissionOnWorkspace

public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts,
                                                           String rightId)

Description copied from interface: AccessController

Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasAnyConnectedUserAnyPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

rightId - The id of the right to check

Returns:

true if any connected user has a permission on at least one object, directly or though groups, for a given right

hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace

public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)

Description copied from interface: AccessController

Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.

Specified by:

hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace in interface AccessController

Parameters:

workspacesContexts - The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}

Returns:

true if any connected user has a permission on at least one object, directly or though groups, for a given right

_getProjects

private List<Project> _getProjects(Object object)