Class RemoteCDMFrSCCAccessController
java.lang.Object
org.ametys.plugins.odfsync.cdmfr.rights.RemoteCDMFrSCCAccessController
- All Implemented Interfaces:
AccessController
,PluginAware
,Serviceable
public class RemoteCDMFrSCCAccessController
extends Object
implements AccessController, Serviceable, PluginAware
AccessController
for contents imported by remote CDM-fr SCC-
Nested Class Summary
Nested classes/interfaces inherited from interface org.ametys.core.right.AccessController
AccessController.AccessResult, AccessController.ExplanationObject, AccessController.Permission
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionexplainAllPermissions
(UserIdentity identity, Set<GroupIdentity> groups) GetAccessExplanation
for each permission given to the user by this access controller.explainPermission
(UserIdentity user, Set<GroupIdentity> groups, String rightId, Object context) Explain the permission for a user on the given object.explainReadAccessPermission
(UserIdentity user, Set<GroupIdentity> groups, Object context) Explain the read access permission for a user on the given object.getId()
Get the id of this controllergetObjectCategory
(Object object) Get a label classifying the object handled by this access controllergetObjectLabel
(Object object) Get a label describing the object handled by this access controllergetPermission
(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object) Gets the kind of access a user has on an object for a given rightgetPermissionByGroup
(String rightId, Object object) Gets the permission by group only on an object for the given right.getPermissionByRight
(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Gets the kind of access a user has on an object for all rightsgetPermissionByUser
(String rightId, Object object) Gets the permission by user only on an object for the given right.getPermissionForAnonymous
(String rightId, Object object) Gets the permission for Anonymous only on an object for a given rightgetPermissionForAnyConnectedUser
(String rightId, Object object) Gets the permission for any connected user only on an object for a given rightgetReadAccessPermission
(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Gets the kind of access a user has on an object for thye read accessgetReadAccessPermissionByGroup
(Object object) Gets the read access permission by group only on an object.getReadAccessPermissionByUser
(Object object) Gets the read access permission by user only on an object.Gets the read access permission for Anonymous only on an objectGets the read access permission for any connected user only on an objectboolean
hasAnonymousAnyPermissionOnWorkspace
(Set<Object> workspacesContexts, String rightId) Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
hasAnonymousAnyReadAccessPermissionOnWorkspace
(Set<Object> workspacesContexts) Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
hasAnyConnectedUserAnyPermissionOnWorkspace
(Set<Object> workspacesContexts, String rightId) Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
(Set<Object> workspacesContexts) Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
hasUserAnyPermissionOnWorkspace
(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId) Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
hasUserAnyReadAccessPermissionOnWorkspace
(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups) Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.boolean
isSupported
(Object object) Returns true if this access controller supports the given objectvoid
service
(ServiceManager manager) void
setPluginInfo
(String pluginName, String featureName, String id) Sets the plugin info relative to the current component.
Note : The feature name may be null if the targeted component in declared at plugin level.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.ametys.core.right.AccessController
explainPermissionForAnonymous, explainPermissionForAnyConnectedUser, explainReadAccessPermissionForAnonymous, explainReadAccessPermissionForAnyConnectedUser, getExplanationObject, getObjectPriority, getStandardAccessExplanation
-
Field Details
-
_odfContentsTreeHelper
The ODF contents tree helper
-
-
Constructor Details
-
RemoteCDMFrSCCAccessController
public RemoteCDMFrSCCAccessController()
-
-
Method Details
-
service
- Specified by:
service
in interfaceServiceable
- Throws:
ServiceException
-
setPluginInfo
Description copied from interface:PluginAware
Sets the plugin info relative to the current component.
Note : The feature name may be null if the targeted component in declared at plugin level.- Specified by:
setPluginInfo
in interfacePluginAware
- Parameters:
pluginName
- Unique identifier for the plugin hosting the extensionfeatureName
- Unique feature identifier (unique for a given pluginName)id
- Unique identifier of this component
-
getPermission
public AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object) Description copied from interface:AccessController
Gets the kind of access a user has on an object for a given right- Specified by:
getPermission
in interfaceAccessController
- Parameters:
user
- The user. Cannot be null.userGroups
- The groups the user belongs torightId
- The id of the right of the userobject
- The context object to check the access- Returns:
- the kind of access a user has on an object for a right
-
getReadAccessPermission
public AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Description copied from interface:AccessController
Gets the kind of access a user has on an object for thye read access- Specified by:
getReadAccessPermission
in interfaceAccessController
- Parameters:
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the access- Returns:
- the kind of access a user has on an object for the read access
-
getPermissionByRight
public Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Description copied from interface:AccessController
Gets the kind of access a user has on an object for all rights- Specified by:
getPermissionByRight
in interfaceAccessController
- Parameters:
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the access- Returns:
- the kind of access a user has on an object for all rights
-
getPermissionForAnonymous
Description copied from interface:AccessController
Gets the permission for Anonymous only on an object for a given right- Specified by:
getPermissionForAnonymous
in interfaceAccessController
- Parameters:
rightId
- The id of the right to checkobject
- The object- Returns:
- the permission for Anonymous only on an object for a given right
-
getReadAccessPermissionForAnonymous
Description copied from interface:AccessController
Gets the read access permission for Anonymous only on an object- Specified by:
getReadAccessPermissionForAnonymous
in interfaceAccessController
- Parameters:
object
- The object- Returns:
- the read access permission for Anonymous only on an object
-
getPermissionForAnyConnectedUser
public AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object) Description copied from interface:AccessController
Gets the permission for any connected user only on an object for a given right- Specified by:
getPermissionForAnyConnectedUser
in interfaceAccessController
- Parameters:
rightId
- The id of the right to checkobject
- The object- Returns:
- the permission for any connected user only on an object for a given right
-
getReadAccessPermissionForAnyConnectedUser
Description copied from interface:AccessController
Gets the read access permission for any connected user only on an object- Specified by:
getReadAccessPermissionForAnyConnectedUser
in interfaceAccessController
- Parameters:
object
- The object- Returns:
- the read access permission for any connected user only on an object
-
getPermissionByUser
public Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object) Description copied from interface:AccessController
Gets the permission by user only on an object for the given right. It does not take account of the groups of the user, etc.- Specified by:
getPermissionByUser
in interfaceAccessController
- Parameters:
rightId
- The id of the right to checkobject
- The object- Returns:
- the permission by user only on an object for the given right
-
getReadAccessPermissionByUser
Description copied from interface:AccessController
Gets the read access permission by user only on an object. It does not take account of the groups of the user, etc.- Specified by:
getReadAccessPermissionByUser
in interfaceAccessController
- Parameters:
object
- The object- Returns:
- the read access permission by user only on an object
-
getPermissionByGroup
public Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object) Description copied from interface:AccessController
Gets the permission by group only on an object for the given right.- Specified by:
getPermissionByGroup
in interfaceAccessController
- Parameters:
rightId
- The id of the right to checkobject
- The object- Returns:
- the permission by group only on an object for the given right
-
getReadAccessPermissionByGroup
public Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object) Description copied from interface:AccessController
Gets the read access permission by group only on an object.- Specified by:
getReadAccessPermissionByGroup
in interfaceAccessController
- Parameters:
object
- The object- Returns:
- the read access permission by group only on an object
-
hasUserAnyPermissionOnWorkspace
public boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId) Description copied from interface:AccessController
Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasUserAnyPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groupsrightId
- The id of the right to check- Returns:
- true if the user has a permission on at least one object, directly or though groups, for a given right
-
hasUserAnyReadAccessPermissionOnWorkspace
public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups) Description copied from interface:AccessController
Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasUserAnyReadAccessPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user
- The useruserGroups
- The groups- Returns:
- true if the user has a permission on at least one object, directly or though groups, for a given right
-
hasAnonymousAnyPermissionOnWorkspace
Description copied from interface:AccessController
Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasAnonymousAnyPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to check- Returns:
- true if anonymous has a permission on at least one object, directly or though groups, for a given right
-
hasAnonymousAnyReadAccessPermissionOnWorkspace
Description copied from interface:AccessController
Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasAnonymousAnyReadAccessPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}- Returns:
- true if anonymous has a permission on at least one object, directly or though groups, for a given right
-
hasAnyConnectedUserAnyPermissionOnWorkspace
public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId) Description copied from interface:AccessController
Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasAnyConnectedUserAnyPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId
- The id of the right to check- Returns:
- true if any connected user has a permission on at least one object, directly or though groups, for a given right
-
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts) Description copied from interface:AccessController
Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Specified by:
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
in interfaceAccessController
- Parameters:
workspacesContexts
- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}- Returns:
- true if any connected user has a permission on at least one object, directly or though groups, for a given right
-
isSupported
Description copied from interface:AccessController
Returns true if this access controller supports the given object- Specified by:
isSupported
in interfaceAccessController
- Parameters:
object
- The object to test- Returns:
- true if this access controller supports the given object
-
explainReadAccessPermission
public AccessExplanation explainReadAccessPermission(UserIdentity user, Set<GroupIdentity> groups, Object context) Description copied from interface:AccessController
Explain the read access permission for a user on the given object. The access result in the explanation MUST be the same value as the one returned byAccessController.getReadAccessPermission(UserIdentity, Set, Object)
. And the explanation should described the actual object that granted the right to allow final user to see if any context conversion happened- Specified by:
explainReadAccessPermission
in interfaceAccessController
- Parameters:
user
- the user to testgroups
- the groups of the usercontext
- the object to test- Returns:
- an explanation of the access
-
explainPermission
public AccessExplanation explainPermission(UserIdentity user, Set<GroupIdentity> groups, String rightId, Object context) Description copied from interface:AccessController
Explain the permission for a user on the given object. The access result in the explanation MUST be the same value as the one returned byAccessController.getPermission(UserIdentity, Set, String, Object)
. And the explanation should described the actual object that granted the right to allow final user to see if any context conversion happened- Specified by:
explainPermission
in interfaceAccessController
- Parameters:
user
- the user to testgroups
- the groups of the userrightId
- the right to testcontext
- the object to test- Returns:
- an explanation of the access
-
getObjectLabel
Description copied from interface:AccessController
Get a label describing the object handled by this access controller- Specified by:
getObjectLabel
in interfaceAccessController
- Parameters:
object
- the object- Returns:
- the label
-
explainAllPermissions
public Map<AccessController.ExplanationObject,Map<AccessController.Permission, explainAllPermissionsAccessExplanation>> (UserIdentity identity, Set<GroupIdentity> groups) Description copied from interface:AccessController
GetAccessExplanation
for each permission given to the user by this access controller. Returns a pair of permission/access explanation for each object with a granted or denied permission to this user by this access controller. Each explanation should be equivalent to calling theAccessController.explainPermission(UserIdentity, Set, String, Object)
orAccessController.explainReadAccessPermission(UserIdentity, Set, Object)
for the user, on the object with the corresponding right- Specified by:
explainAllPermissions
in interfaceAccessController
- Parameters:
identity
- the user identitygroups
- the groups the user belongs to.- Returns:
- all the user's permissions handled by this controller
-
getObjectCategory
Description copied from interface:AccessController
Get a label classifying the object handled by this access controller- Specified by:
getObjectCategory
in interfaceAccessController
- Parameters:
object
- the object- Returns:
- the label
-
getId
Description copied from interface:AccessController
Get the id of this controller- Specified by:
getId
in interfaceAccessController
- Returns:
- the id of this controller
-