Class AbstractHierarchicalAccessController<T>
java.lang.Object
org.ametys.runtime.plugin.component.AbstractLogEnabled
org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController
org.ametys.plugins.core.impl.right.AbstractHierarchicalAccessController<T>
- Type Parameters:
T
- The class of a supported object, from which you can retrieve its parent with_getParents(Object)
- All Implemented Interfaces:
AccessController
,LogEnabled
,Initializable
,Component
,Serviceable
- Direct Known Subclasses:
ContentAccessController
,ContentTypeAccessController
,ODFContentHierarchicalAccessController
,PageAccessController
,ReferenceTableAccessController
,ResourceAccessController
,StringHierarchicalAccessController
,SurveyAccessController
,SynchronizedContentAccessController
,UserDirectoryContentAccessController
public abstract class AbstractHierarchicalAccessController<T>
extends AbstractProfileStorageBasedAccessController
Abstract
AccessController
for a hierarchical type of object.-
Nested Class Summary
Nested classes/interfaces inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController
AbstractProfileStorageBasedAccessController.CacheKind
Nested classes/interfaces inherited from interface org.ametys.core.right.AccessController
AccessController.AccessResult
-
Field Summary
Fields inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController
__ANONYMOUS_USER_IDENTITY, __ANY_CONTECTED_USER_IDENTITY, _cacheManager, _profileAssignmentStorageEP, _rightProfileDAO
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescription_getParents
(T object) Gets the parents of the object.protected AccessController.AccessResult
_getPermission
(UserIdentity user, Set<GroupIdentity> userGroups, Set<String> profilesIds, Object object, Object convertedObject) Works for getPermission or getReadAccessPermissionprotected Map<GroupIdentity,
AccessController.AccessResult> _getPermissionByGroup
(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionByGroup and getReadAccessPermissionByGroupprotected Map<UserIdentity,
AccessController.AccessResult> _getPermissionByUser
(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionByUser and getReadAccessPermissionByUserprotected AccessController.AccessResult
_getPermissionForAnonymous
(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionForAnonymous and getReadAccessPermissionForAnonymousprotected AccessController.AccessResult
_getPermissionForAnyConnectedUser
(Set<String> profilesIds, Object object, Object convertedObject) Works for getPermissionForAnyConnectedUser and getReadAccessPermissionForAnyConnectedUsergetPermissionByRight
(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Gets the kind of access a user has on an object for all rightsprotected boolean
isInheritanceDisallowed
(T object) Determines if the inheritance of permissions is disallowed on the given objectMethods inherited from class org.ametys.plugins.core.impl.right.AbstractProfileStorageBasedAccessController
_convertContext, _convertWorkspaceToRootRightContexts, _hasRightResultInFirstCache, _hasRightResultInSecondCache, _putInFirstCache, _putInSecondCache, getPermission, getPermissionByGroup, getPermissionByUser, getPermissionForAnonymous, getPermissionForAnyConnectedUser, getReadAccessPermission, getReadAccessPermissionByGroup, getReadAccessPermissionByUser, getReadAccessPermissionForAnonymous, getReadAccessPermissionForAnyConnectedUser, hasAnonymousAnyPermissionOnWorkspace, hasAnonymousAnyReadAccessPermissionOnWorkspace, hasAnyConnectedUserAnyPermissionOnWorkspace, hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace, hasUserAnyPermissionOnWorkspace, hasUserAnyReadAccessPermissionOnWorkspace, initialize, service
Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLogger
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.ametys.core.right.AccessController
isSupported
-
Constructor Details
-
AbstractHierarchicalAccessController
public AbstractHierarchicalAccessController()
-
-
Method Details
-
_getParents
Gets the parents of the object. Must return null when the object is the "root" (where "root" means here the root of the hierarchy of the access controller)- Parameters:
object
- The object- Returns:
- the parents of the object, or null if the object is the "root" of the hierarchy
-
isInheritanceDisallowed
Determines if the inheritance of permissions is disallowed on the given object- Parameters:
object
- The object- Returns:
- true if the inheritance of permissions is disallowed on the given object
-
getPermissionByRight
public Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object) Description copied from interface:AccessController
Gets the kind of access a user has on an object for all rights- Specified by:
getPermissionByRight
in interfaceAccessController
- Overrides:
getPermissionByRight
in classAbstractProfileStorageBasedAccessController
- Parameters:
user
- The user. Cannot be null.userGroups
- The groups the user belongs toobject
- The context object to check the access- Returns:
- the kind of access a user has on an object for all rights
-
_getPermission
protected AccessController.AccessResult _getPermission(UserIdentity user, Set<GroupIdentity> userGroups, Set<String> profilesIds, Object object, Object convertedObject) Description copied from class:AbstractProfileStorageBasedAccessController
Works for getPermission or getReadAccessPermission- Overrides:
_getPermission
in classAbstractProfileStorageBasedAccessController
- Parameters:
user
- The useuserGroups
- The groupsprofilesIds
- The profilesobject
- The original contextconvertedObject
- The converted context- Returns:
- the computed result
-
_getPermissionForAnonymous
protected AccessController.AccessResult _getPermissionForAnonymous(Set<String> profilesIds, Object object, Object convertedObject) Description copied from class:AbstractProfileStorageBasedAccessController
Works for getPermissionForAnonymous and getReadAccessPermissionForAnonymous- Overrides:
_getPermissionForAnonymous
in classAbstractProfileStorageBasedAccessController
- Parameters:
profilesIds
- The profiles idsobject
- The contextconvertedObject
- The converted context- Returns:
- The access result
-
_getPermissionForAnyConnectedUser
protected AccessController.AccessResult _getPermissionForAnyConnectedUser(Set<String> profilesIds, Object object, Object convertedObject) Description copied from class:AbstractProfileStorageBasedAccessController
Works for getPermissionForAnyConnectedUser and getReadAccessPermissionForAnyConnectedUser- Overrides:
_getPermissionForAnyConnectedUser
in classAbstractProfileStorageBasedAccessController
- Parameters:
profilesIds
- The profiles idsobject
- The contextconvertedObject
- The converted context- Returns:
- the access result
-
_getPermissionByUser
protected Map<UserIdentity,AccessController.AccessResult> _getPermissionByUser(Set<String> profilesIds, Object object, Object convertedObject) Description copied from class:AbstractProfileStorageBasedAccessController
Works for getPermissionByUser and getReadAccessPermissionByUser- Overrides:
_getPermissionByUser
in classAbstractProfileStorageBasedAccessController
- Parameters:
profilesIds
- The profiles idsobject
- The contextconvertedObject
- The converted context- Returns:
- The users and their access results
-
_getPermissionByGroup
protected Map<GroupIdentity,AccessController.AccessResult> _getPermissionByGroup(Set<String> profilesIds, Object object, Object convertedObject) Description copied from class:AbstractProfileStorageBasedAccessController
Works for getPermissionByGroup and getReadAccessPermissionByGroup- Overrides:
_getPermissionByGroup
in classAbstractProfileStorageBasedAccessController
- Parameters:
profilesIds
- The profiles idsobject
- The contextconvertedObject
- The converted context- Returns:
- The users and their access results
-