Package org.ametys.plugins.repository

Class ACLAmetysObjectProfileAssignmentStorage

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.plugins.repository.ACLAmetysObjectProfileAssignmentStorage

All Implemented Interfaces:

ProfileAssignmentStorage, LogEnabled, Prioritizable

Direct Known Subclasses:

ModifiableACLAmetysObjectProfileAssignmentStorage

public class ACLAmetysObjectProfileAssignmentStorage
extends AbstractLogEnabled
implements ProfileAssignmentStorage

Implementation of ProfileAssignmentStorage for ACLAmetysObjects which stores profile assignments in subnodes of the node representing this object.

Nested Class Summary

Nested classes/interfaces inherited from interface org.ametys.core.right.ProfileAssignmentStorage

ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys, ProfileAssignmentStorage.UserOrGroup

Field Summary

Fields inherited from interface org.ametys.core.right.ProfileAssignmentStorage

MAX_PRIORITY, MIN_PRIORITY

Constructor Summary

Constructors

Constructor	Description
ACLAmetysObjectProfileAssignmentStorage()

Method Summary

Modifier and Type	Method	Description
Map<Object,Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>>>	getAllProfilesForAnonymousAndAnyConnectedUser()	Gets all contexts with stored profiles (allowed or denied) for anonymous or any connected user and for each, a description of the permissions.
Map<Object,Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>>	getAllProfilesForGroups(Set<GroupIdentity> groups)	Gets all contexts with stored profiles (allowed or denied) for the groups and for each, a description of the permissions.
Map<Object,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>	getAllProfilesForUser(UserIdentity user)	Gets all contexts with stored profiles (allowed or denied) for the user and for each, a description of the permissions.
int	getPriority()	Get the priority for the component.
Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>>	getProfilesForAnonymousAndAnyConnectedUser(Object object)	Gets the allowed profiles any connected user has on the given object
Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>	getProfilesForGroups(Object object, Set<GroupIdentity> groups)	Gets the groups that have allowed profiles assigned on the given object
Map<UserIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>	getProfilesForUsers(Object object, UserIdentity user)	Gets the users that have allowed profiles assigned on the given object
Set<String>	hasAnonymousAnyAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)	Returns some profiles that are matching if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
Set<String>	hasAnyConnectedAnyAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)	Returns some profiles that are matching if any connected user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
Set<String>	hasGroupAnyAllowedProfile(Set<? extends Object> rootContexts, Set<GroupIdentity> groups, Set<String> profileIds)	Returns some profiles that are matching if group has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
Set<String>	hasUserAnyAllowedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)	Returns some profiles that are matching if user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	isInheritanceDisallowed(Object object)	Returns true if the inheritance of permissions is disallowed on the given object
boolean	isRootContextSupported(Object rootContext)	Returns true if this profile storage supports the given object as a root context i.e.
boolean	isSupported(Object object)	Returns true if this profile storage supports the given object, i.e.

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ACLAmetysObjectProfileAssignmentStorage

public ACLAmetysObjectProfileAssignmentStorage()

Method Details

hasUserAnyAllowedProfile

public Set<String> hasUserAnyAllowedProfile(Set<? extends Object> rootContexts,
 UserIdentity user,
 Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns some profiles that are matching if user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasUserAnyAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

user - The user to test

profileIds - The ids of the profiles

Returns:

If the Set is empty, it means any connected user has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for anyconnected user AND it can contains some other profiles that were not in the given profiles

hasGroupAnyAllowedProfile

public Set<String> hasGroupAnyAllowedProfile(Set<? extends Object> rootContexts,
 Set<GroupIdentity> groups,
 Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns some profiles that are matching if group has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasGroupAnyAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

groups - The groups to test (a single group needs to match)

profileIds - The ids of the profiles

Returns:

If the Set is empty, it means the group has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for the group AND it can contains some other profiles that were not in the given profiles

hasAnyConnectedAnyAllowedProfile

public Set<String> hasAnyConnectedAnyAllowedProfile(Set<? extends Object> rootContexts,
 Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns some profiles that are matching if any connected user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnyConnectedAnyAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

If the Set is empty, it means the user has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for the user AND it can contains some other profiles that were not in the given profiles

hasAnonymousAnyAllowedProfile

public Set<String> hasAnonymousAnyAllowedProfile(Set<? extends Object> rootContexts,
 Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns some profiles that are matching if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnonymousAnyAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

If the Set is empty, it means anonymous has no matching profile.
If the Set is non empty, it contains at least one of the given profile BUT it may not contains all the matching profiles for anonymous AND it can contains some other profiles that were not in the given profiles

getAllProfilesForAnonymousAndAnyConnectedUser

public Map<Object,Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>>> getAllProfilesForAnonymousAndAnyConnectedUser()

Description copied from interface: ProfileAssignmentStorage

Gets all contexts with stored profiles (allowed or denied) for anonymous or any connected user and for each, a description of the permissions.

Specified by:

getAllProfilesForAnonymousAndAnyConnectedUser in interface ProfileAssignmentStorage

Returns:

a map associating a context object to the stored profiles for each permission

getAllProfilesForGroups

public Map<Object,Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>>> getAllProfilesForGroups(Set<GroupIdentity> groups)

Description copied from interface: ProfileAssignmentStorage

Gets all contexts with stored profiles (allowed or denied) for the groups and for each, a description of the permissions. The permissions are grouped by group identity to be able to discriminate which group give what permissions.

Specified by:

getAllProfilesForGroups in interface ProfileAssignmentStorage

Parameters:

groups - The group to get profiles for.

Returns:

The map of context with their assigned allowed/denied profiles grouped by group identity

getAllProfilesForUser

public Map<Object,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>> getAllProfilesForUser(UserIdentity user)

Description copied from interface: ProfileAssignmentStorage

Gets all contexts with stored profiles (allowed or denied) for the user and for each, a description of the permissions.

Specified by:

getAllProfilesForUser in interface ProfileAssignmentStorage

Parameters:

user - The user to get profiles for.

Returns:

The map of context with their assigned allowed/denied profiles

getProfilesForAnonymousAndAnyConnectedUser

public Map<ProfileAssignmentStorage.AnonymousOrAnyConnectedKeys,Set<String>> getProfilesForAnonymousAndAnyConnectedUser(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the allowed profiles any connected user has on the given object

Specified by:

getProfilesForAnonymousAndAnyConnectedUser in interface ProfileAssignmentStorage

Parameters:

object - The object

Returns:

a map containing allowed/denied profiles that anonymous and any connected user has on the given object

getProfilesForUsers

public Map<UserIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>> getProfilesForUsers(Object object,
 UserIdentity user)

Description copied from interface: ProfileAssignmentStorage

Gets the users that have allowed profiles assigned on the given object

Specified by:

getProfilesForUsers in interface ProfileAssignmentStorage

Parameters:

object - The object to test

user - The user to get profiles for. Can be null to get profiles for all users that have rights

Returns:

The map of allowed users with their assigned allowed/denied profiles

getProfilesForGroups

public Map<GroupIdentity,Map<ProfileAssignmentStorage.UserOrGroup,Set<String>>> getProfilesForGroups(Object object,
 Set<GroupIdentity> groups)

Description copied from interface: ProfileAssignmentStorage

Gets the groups that have allowed profiles assigned on the given object

Specified by:

getProfilesForGroups in interface ProfileAssignmentStorage

Parameters:

object - The object to test

groups - The group to get profiles for. Can be null to get profiles for all groups that have rights

Returns:

The map of allowed/denied groups with their assigned profiles

isInheritanceDisallowed

public boolean isInheritanceDisallowed(Object object)

Description copied from interface: ProfileAssignmentStorage

Returns true if the inheritance of permissions is disallowed on the given object

Specified by:

isInheritanceDisallowed in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

true if the inheritance of permissions is disallowed on the given object

isSupported

public boolean isSupported(Object object)

Description copied from interface: ProfileAssignmentStorage

Returns true if this profile storage supports the given object, i.e. if it is able to retrieve the allowed users/groups on that object

Specified by:

isSupported in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

true if this profile storage supports the given object

isRootContextSupported

public boolean isRootContextSupported(Object rootContext)

Description copied from interface: ProfileAssignmentStorage

Returns true if this profile storage supports the given object as a root context i.e. it can seek any permission under this object

Specified by:

isRootContextSupported in interface ProfileAssignmentStorage

Parameters:

rootContext - The object to start searching

Returns:

true if this profile storage support this a as root context to search in

getPriority

public int getPriority()

Description copied from interface: Prioritizable

Get the priority for the component. On components using Prioritizable interface, each implementation define the order. In most cases, less is the number, more prior is the component.

Specified by:

getPriority in interface Prioritizable

Returns:

the priority