Package org.ametys.core.right
Interface AccessController
-
- All Known Implementing Classes:
AbstractHierarchicalAccessController,AbstractProfileStorageBasedAccessController,AdminAccessController,ApplicationAccessController,BackOfficeAccessController,BPMAccessController,CartAccessController,CatalogNewsAccessController,ContentAccessController,ContentsCreatorAccessController,ContentTypeAccessController,EditionFOAccessController,LinkDirectoryAccessController,ModuleAccessController,ODFContentHierarchicalAccessController,ODFOrphanContentAccessController,PageAccessController,ProjectAccessController,QueryAccessController,ReferenceTableAccessController,RemoteCDMFrSCCAccessController,ReportsPageAccessController,ResourceAccessController,StringHierarchicalAccessController,SurveyAccessController,SynchronizedContentAccessController,ThesaurusAccessController,UGCCreatorContentAccessController,UGCCreatorPageAccessController,UserDirectoryContentAccessController,WebContentAccessController,WebContentTypeAccessController,WebWorkspaceAccessController,WorkspaceAccessController,WorkspaceAccessController,WorkspaceSwitchedAccessController
public interface AccessController
This interface is for computing the rights a user has.
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static classAccessController.AccessResultThe access result when looking for a right
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description AccessController.AccessResultgetPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)Gets the kind of access a user has on an object for a given rightMap<GroupIdentity,AccessController.AccessResult>getPermissionByGroup(String rightId, Object object)Gets the permission by group only on an object for the given right.Map<String,AccessController.AccessResult>getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)Gets the kind of access a user has on an object for all rightsMap<UserIdentity,AccessController.AccessResult>getPermissionByUser(String rightId, Object object)Gets the permission by user only on an object for the given right.AccessController.AccessResultgetPermissionForAnonymous(String rightId, Object object)Gets the permission for Anonymous only on an object for a given rightAccessController.AccessResultgetPermissionForAnyConnectedUser(String rightId, Object object)Gets the permission for any connected user only on an object for a given rightAccessController.AccessResultgetReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)Gets the kind of access a user has on an object for thye read accessMap<GroupIdentity,AccessController.AccessResult>getReadAccessPermissionByGroup(Object object)Gets the read access permission by group only on an object.Map<UserIdentity,AccessController.AccessResult>getReadAccessPermissionByUser(Object object)Gets the read access permission by user only on an object.AccessController.AccessResultgetReadAccessPermissionForAnonymous(Object object)Gets the read access permission for Anonymous only on an objectAccessController.AccessResultgetReadAccessPermissionForAnyConnectedUser(Object object)Gets the read access permission for any connected user only on an objectbooleanhasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanhasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanhasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanhasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanhasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanhasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.booleanisSupported(Object object)Returns true if this access controller supports the given object
-
-
-
Method Detail
-
getPermission
AccessController.AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
Gets the kind of access a user has on an object for a given right- Parameters:
user- The user. Cannot be null.userGroups- The groups the user belongs torightId- The id of the right of the userobject- The context object to check the access- Returns:
- the kind of access a user has on an object for a right
-
getReadAccessPermission
AccessController.AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
Gets the kind of access a user has on an object for thye read access- Parameters:
user- The user. Cannot be null.userGroups- The groups the user belongs toobject- The context object to check the access- Returns:
- the kind of access a user has on an object for the read access
-
getPermissionByRight
Map<String,AccessController.AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
Gets the kind of access a user has on an object for all rights- Parameters:
user- The user. Cannot be null.userGroups- The groups the user belongs toobject- The context object to check the access- Returns:
- the kind of access a user has on an object for all rights
-
getPermissionForAnonymous
AccessController.AccessResult getPermissionForAnonymous(String rightId, Object object)
Gets the permission for Anonymous only on an object for a given right- Parameters:
rightId- The id of the right to checkobject- The object- Returns:
- the permission for Anonymous only on an object for a given right
-
getReadAccessPermissionForAnonymous
AccessController.AccessResult getReadAccessPermissionForAnonymous(Object object)
Gets the read access permission for Anonymous only on an object- Parameters:
object- The object- Returns:
- the read access permission for Anonymous only on an object
-
getPermissionForAnyConnectedUser
AccessController.AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
Gets the permission for any connected user only on an object for a given right- Parameters:
rightId- The id of the right to checkobject- The object- Returns:
- the permission for any connected user only on an object for a given right
-
getReadAccessPermissionForAnyConnectedUser
AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
Gets the read access permission for any connected user only on an object- Parameters:
object- The object- Returns:
- the read access permission for any connected user only on an object
-
getPermissionByUser
Map<UserIdentity,AccessController.AccessResult> getPermissionByUser(String rightId, Object object)
Gets the permission by user only on an object for the given right. It does not take account of the groups of the user, etc.- Parameters:
rightId- The id of the right to checkobject- The object- Returns:
- the permission by user only on an object for the given right
-
getReadAccessPermissionByUser
Map<UserIdentity,AccessController.AccessResult> getReadAccessPermissionByUser(Object object)
Gets the read access permission by user only on an object. It does not take account of the groups of the user, etc.- Parameters:
object- The object- Returns:
- the read access permission by user only on an object
-
getPermissionByGroup
Map<GroupIdentity,AccessController.AccessResult> getPermissionByGroup(String rightId, Object object)
Gets the permission by group only on an object for the given right.- Parameters:
rightId- The id of the right to checkobject- The object- Returns:
- the permission by group only on an object for the given right
-
getReadAccessPermissionByGroup
Map<GroupIdentity,AccessController.AccessResult> getReadAccessPermissionByGroup(Object object)
Gets the read access permission by group only on an object.- Parameters:
object- The object- Returns:
- the read access permission by group only on an object
-
hasUserAnyPermissionOnWorkspace
boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
Returns true if the user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user- The useruserGroups- The groupsrightId- The id of the right to check- Returns:
- true if the user has a permission on at least one object, directly or though groups, for a given right
-
hasUserAnyReadAccessPermissionOnWorkspace
boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
Returns true if the user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}user- The useruserGroups- The groups- Returns:
- true if the user has a permission on at least one object, directly or though groups, for a given right
-
hasAnonymousAnyPermissionOnWorkspace
boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
Returns true if anonymous has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId- The id of the right to check- Returns:
- true if anonymous has a permission on at least one object, directly or though groups, for a given right
-
hasAnonymousAnyReadAccessPermissionOnWorkspace
boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if anonymous has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}- Returns:
- true if anonymous has a permission on at least one object, directly or though groups, for a given right
-
hasAnyConnectedUserAnyPermissionOnWorkspace
boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
Returns true if any connected user has a permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}rightId- The id of the right to check- Returns:
- true if any connected user has a permission on at least one object, directly or though groups, for a given right
-
hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace
boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
Returns true if any connected user has a read access permission on at least one object, directly or though groups, for a given rights and if the object is attached to the given context that is /${WorkspaceName} and its conversions.- Parameters:
workspacesContexts- The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}- Returns:
- true if any connected user has a permission on at least one object, directly or though groups, for a given right
-
isSupported
boolean isSupported(Object object)
Returns true if this access controller supports the given object- Parameters:
object- The object to test- Returns:
- true if this access controller supports the given object
-
-