Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

pt.digitalis.dif.controller.security.managers.impl
Class AbstractAuthorizationManagerImpl

java.lang.Object
  extended by pt.digitalis.dif.controller.security.managers.impl.AbstractAuthorizationManagerImpl
All Implemented Interfaces:
IAuthorizationManager
Direct Known Subclasses:
AuthorizationManagerStaticImpl
public abstract class AbstractAuthorizationManagerImpl
extends Object
implements IAuthorizationManager

Provides an abstract implementation for the authorization manager.

Author:
Rodrigo Gonçalves rgoncalves@digitalis.pt
Created on:
2008/03/17

Field Summary
protected  IDEMManager demManager
          The DEM manager
protected  IIdentityManager identityManager
          The identity manager
 
Constructor Summary
AbstractAuthorizationManagerImpl(IIdentityManager identityManager, IDEMManager demManager)
          Default constructor
 
Method Summary
 boolean addACLEntry(ACLEntry entry)
          Adds an ACL to the manager repository
protected  boolean addACLEntryToGroup(ACLEntry entry)
          Adds a new entry to the group ACL.
protected  boolean addACLEntryToPublic(ACLEntry entry)
          Adds a new entry to the group ACL.
protected  boolean addACLEntryToUser(ACLEntry entry)
          Adds a new entry to the user ACL.
protected  boolean checkAccessToGroup(IDIFGroup group, Entity entityType, String entityID)
          Check for access grants
protected  boolean checkAccessUser(IDIFUser user, Entity entityType, String entityID)
          Check for access grants
protected  boolean checkGroupDirectAccess(IDIFGroup group, Entity entityType, String entityID)
          Check if a group has access granted to entity
protected  boolean checkUserDirectAccess(IDIFUser user, Entity entityType, String entityID)
          Implementation if a non-hierarchical check for direct access grants
protected  ACLEntry createGroupACLEntry(String groupID, String entityID, Entity entityType)
          Creates an ACL entry for a group.
protected  ACLEntry createPublicACLEntry(String entityID, Entity entityType)
          Creates a public ACL entry for a given entity.
protected  ACLEntry createUserACLEntry(String userID, String entityID, Entity entityType)
          Creates an ACL entry for a user.
protected  List<ACLEntry> doFindACLEntriesByUserInherited(String userID, IDIFGroup group)
          Implementation for finding inherited ACL entries for a user
protected  boolean doHasAccessPublic(Entity entityType, String entityID)
          Implementation if a non-hierarchical check for access grants
 List<ACLEntry> findACLEntriesByApplication(String applicationID)
          Returns the ACL by application.
 List<ACLEntry> findACLEntriesByGroup(String groupID)
          Returns the group ACL.
 List<ACLEntry> findACLEntriesByProvider(String providerID)
          Returns ACL by provider.
 List<ACLEntry> findACLEntriesByService(String serviceID)
          Returns the ACL by service.
 List<ACLEntry> findACLEntriesByStage(String stageID)
          Returns the ACL by stage.
 List<ACLEntry> findACLEntriesByUser(String userID)
          Returns the user ACL.
 List<ACLEntry> findACLEntriesByUserInherited(String userID)
          Returns the user ACL, inheriting the ACL's from groups as well.
 List<ACLEntry> findPublicACLEntries()
          Returns the public ACL.
 Map<String,Set<ACLEntry>> getGroupAccessControlList()
          Inspector for the 'groupAccessControlList' attribute.
 Map<String,ACLEntry> getPublicAccessControlList()
          Inspector for the 'publicAccessControlList' attribute.
 Map<String,Set<ACLEntry>> getUserAccessControlList()
          Inspector for the 'userAccessControlList' attribute.
 boolean grantAccessToGroup(String groupID, Entity entityType, String entityID)
          Grants a group with access to a given stage.
 boolean grantAccessToPublic(Entity entityType, String entityID)
          Grants the public with access to a given stage.
 boolean grantAccessToUser(String userID, Entity entityType, String entityID)
          Grants a user with access to a given stage.
 boolean grantDefaultAccessToGroup(String groupID, Entity entityType, String entityID)
          Grants a group with default access to a given stage.
 boolean grantDefaultAccessToUser(String userID, Entity entityType, String entityID)
          Grants a user with default access to a given stage.
 boolean grantDefaultPublicAccess(Entity entityType, String entityID)
          Grants with default public access to a given stage.
 boolean hasAccessGroup(IDIFGroup group, Entity entityType, String entityID)
          Checks if a group can access a given stage.
 boolean hasAccessGroup(IDIFGroup group, IApplication application)
          Checks if the group can access a given application.
 boolean hasAccessGroup(IDIFGroup group, IService service)
          Checks if the group can access a given service.
 boolean hasAccessGroup(IDIFGroup group, IStage stage)
          Checks if a group can access to a given stage.
 boolean hasAccessPublic(Entity entityType, String entityID)
          Checks if the public can access to a given entity identified with a type and ID.
 boolean hasAccessPublic(IApplication application)
          Checks if the public can access a given application.
 boolean hasAccessPublic(IService service)
          Checks if the public can access a given service.
 boolean hasAccessPublic(IStage stage)
          Checks if the public can access a given stage.
 boolean hasAccessUser(IDIFUser user, Entity entityType, String entityID)
          Checks if a user can access to a given entity identified with a type and ID.
 boolean hasAccessUser(IDIFUser user, IApplication application)
          Checks if the user can access a given application.
 boolean hasAccessUser(IDIFUser user, IService service)
          Checks if the user can access a given service.
 boolean hasAccessUser(IDIFUser user, IStage stage)
          Checks if the user can access a given stage.
 boolean revokeAccessFromGroup(String groupID, Entity entityType, String entityID)
          Revokes the access of a group to a given stage.
 boolean revokeAccessFromPublic(Entity entityType, String entityID)
          Revokes the public access to a given stage.
 boolean revokeAccessFromUser(String userID, Entity entityType, String entityID)
          Revokes the access of a user to a given stage.
 boolean revokeACLEntry(ACLEntry entry)
          Removes an ACL from the manager repository
 boolean revokeAllAccessFromGroup(String groupID)
          Revokes the access of a group to all entities.
 boolean revokeAllAccessFromUser(String userID)
          Revokes the access of a user to all entities.
 String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

demManager

protected IDEMManager demManager
The DEM manager

identityManager

protected IIdentityManager identityManager
The identity manager

Constructor Detail

AbstractAuthorizationManagerImpl

public AbstractAuthorizationManagerImpl(IIdentityManager identityManager,
                                        IDEMManager demManager)
Default constructor

Parameters:
identityManager - the identity manager
demManager - the DEM manager
Method Detail

addACLEntry

public boolean addACLEntry(ACLEntry entry)
                    throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Adds an ACL to the manager repository

Specified by:
addACLEntry in interface IAuthorizationManager
Parameters:
entry - the entry
Returns:
T if the operation was successful
Throws:
AuthorizationManagerException - if a resource needed for adding authorization credentials can't be accessed
See Also:
IAuthorizationManager.addACLEntry(pt.digitalis.dif.controller.security.objects.ACLEntry)

addACLEntryToGroup

protected boolean addACLEntryToGroup(ACLEntry entry)
                              throws AuthorizationManagerException
Adds a new entry to the group ACL.

Parameters:
entry - the entry to add
Returns:
T if the operation succeeded, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

addACLEntryToPublic

protected boolean addACLEntryToPublic(ACLEntry entry)
                               throws AuthorizationManagerException
Adds a new entry to the group ACL.

Parameters:
entry - the entry to add
Returns:
T if the operation succeeded, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

addACLEntryToUser

protected boolean addACLEntryToUser(ACLEntry entry)
                             throws AuthorizationManagerException
Adds a new entry to the user ACL.

Parameters:
entry - the entry to add
Returns:
T if the operation succeeded, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

checkAccessToGroup

protected boolean checkAccessToGroup(IDIFGroup group,
                                     Entity entityType,
                                     String entityID)
                              throws AuthorizationManagerException
Check for access grants

Parameters:
group - the group to check
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

checkAccessUser

protected boolean checkAccessUser(IDIFUser user,
                                  Entity entityType,
                                  String entityID)
                           throws AuthorizationManagerException
Check for access grants

Parameters:
user - the user to check
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

checkGroupDirectAccess

protected boolean checkGroupDirectAccess(IDIFGroup group,
                                         Entity entityType,
                                         String entityID)
                                  throws AuthorizationManagerException
Check if a group has access granted to entity

Parameters:
group - the groupId
entityType - the entity type
entityID - the entity id
Returns:
validation
Throws:
AuthorizationManagerException - If a AuthorizationManager exception Occurrs

checkUserDirectAccess

protected boolean checkUserDirectAccess(IDIFUser user,
                                        Entity entityType,
                                        String entityID)
                                 throws AuthorizationManagerException
Implementation if a non-hierarchical check for direct access grants

Parameters:
user - the user to check
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

createGroupACLEntry

protected ACLEntry createGroupACLEntry(String groupID,
                                       String entityID,
                                       Entity entityType)
Creates an ACL entry for a group.

Parameters:
groupID - the group ID
entityID - the entity ID
entityType - the entity type
Returns:
the group entry

createPublicACLEntry

protected ACLEntry createPublicACLEntry(String entityID,
                                        Entity entityType)
Creates a public ACL entry for a given entity.

Parameters:
entityID - the entity ID
entityType - the entity type
Returns:
the group entry

createUserACLEntry

protected ACLEntry createUserACLEntry(String userID,
                                      String entityID,
                                      Entity entityType)
Creates an ACL entry for a user.

Parameters:
userID - the user ID
entityID - the entity ID
entityType - the entity type
Returns:
the user entry

doFindACLEntriesByUserInherited

protected List<ACLEntry> doFindACLEntriesByUserInherited(String userID,
                                                         IDIFGroup group)
                                                  throws IdentityManagerException
Implementation for finding inherited ACL entries for a user

Parameters:
userID -
group -
Returns:
a
Throws:
IdentityManagerException

doHasAccessPublic

protected boolean doHasAccessPublic(Entity entityType,
                                    String entityID)
Implementation if a non-hierarchical check for access grants

Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise

findACLEntriesByApplication

public List<ACLEntry> findACLEntriesByApplication(String applicationID)
Description copied from interface: IAuthorizationManager
Returns the ACL by application.

Specified by:
findACLEntriesByApplication in interface IAuthorizationManager
Parameters:
applicationID - the application id
Returns:
the application ACL
See Also:
IAuthorizationManager.findACLEntriesByApplication(java.lang.String)

findACLEntriesByGroup

public List<ACLEntry> findACLEntriesByGroup(String groupID)
Description copied from interface: IAuthorizationManager
Returns the group ACL.

Specified by:
findACLEntriesByGroup in interface IAuthorizationManager
Parameters:
groupID - the group id
Returns:
the group ACL
See Also:
IAuthorizationManager.findACLEntriesByGroup(java.lang.String)

findACLEntriesByProvider

public List<ACLEntry> findACLEntriesByProvider(String providerID)
Description copied from interface: IAuthorizationManager
Returns ACL by provider.

Specified by:
findACLEntriesByProvider in interface IAuthorizationManager
Parameters:
providerID - the provider id
Returns:
the provider ACL
See Also:
IAuthorizationManager.findACLEntriesByProvider(java.lang.String)

findACLEntriesByService

public List<ACLEntry> findACLEntriesByService(String serviceID)
Description copied from interface: IAuthorizationManager
Returns the ACL by service.

Specified by:
findACLEntriesByService in interface IAuthorizationManager
Parameters:
serviceID - the service id
Returns:
the service ACL
See Also:
IAuthorizationManager.findACLEntriesByService(java.lang.String)

findACLEntriesByStage

public List<ACLEntry> findACLEntriesByStage(String stageID)
Description copied from interface: IAuthorizationManager
Returns the ACL by stage.

Specified by:
findACLEntriesByStage in interface IAuthorizationManager
Parameters:
stageID - the stage id
Returns:
the stage ACL
See Also:
IAuthorizationManager.findACLEntriesByStage(java.lang.String)

findACLEntriesByUser

public List<ACLEntry> findACLEntriesByUser(String userID)
Description copied from interface: IAuthorizationManager
Returns the user ACL.

Specified by:
findACLEntriesByUser in interface IAuthorizationManager
Parameters:
userID - the user id
Returns:
the user ACL
See Also:
IAuthorizationManager.findACLEntriesByUser(java.lang.String)

findACLEntriesByUserInherited

public List<ACLEntry> findACLEntriesByUserInherited(String userID)
                                             throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Returns the user ACL, inheriting the ACL's from groups as well.

Specified by:
findACLEntriesByUserInherited in interface IAuthorizationManager
Parameters:
userID - the user id
Returns:
the user ACL
Throws:
AuthorizationManagerException
See Also:
IAuthorizationManager.findACLEntriesByUserInherited(java.lang.String)

findPublicACLEntries

public List<ACLEntry> findPublicACLEntries()
Description copied from interface: IAuthorizationManager
Returns the public ACL.

Specified by:
findPublicACLEntries in interface IAuthorizationManager
Returns:
the public ACL
See Also:
IAuthorizationManager.findPublicACLEntries()

getGroupAccessControlList

public Map<String,Set<ACLEntry>> getGroupAccessControlList()
Inspector for the 'groupAccessControlList' attribute.

Returns:
the groupAccessControlList value

getPublicAccessControlList

public Map<String,ACLEntry> getPublicAccessControlList()
Inspector for the 'publicAccessControlList' attribute.

Returns:
the publicAccessControlList value

getUserAccessControlList

public Map<String,Set<ACLEntry>> getUserAccessControlList()
Inspector for the 'userAccessControlList' attribute.

Returns:
the userAccessControlList value

grantAccessToGroup

public boolean grantAccessToGroup(String groupID,
                                  Entity entityType,
                                  String entityID)
                           throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants a group with access to a given stage.

Specified by:
grantAccessToGroup in interface IAuthorizationManager
Parameters:
groupID - the id of the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantAccessToGroup(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

grantAccessToPublic

public boolean grantAccessToPublic(Entity entityType,
                                   String entityID)
                            throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants the public with access to a given stage.

Specified by:
grantAccessToPublic in interface IAuthorizationManager
Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantAccessToPublic(pt.digitalis.dif.dem.Entity, java.lang.String)

grantAccessToUser

public boolean grantAccessToUser(String userID,
                                 Entity entityType,
                                 String entityID)
                          throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants a user with access to a given stage.

Specified by:
grantAccessToUser in interface IAuthorizationManager
Parameters:
userID - the id of the user to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantAccessToUser(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

grantDefaultAccessToGroup

public boolean grantDefaultAccessToGroup(String groupID,
                                         Entity entityType,
                                         String entityID)
                                  throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants a group with default access to a given stage.

Specified by:
grantDefaultAccessToGroup in interface IAuthorizationManager
Parameters:
groupID - the id of the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantDefaultAccessToGroup(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

grantDefaultAccessToUser

public boolean grantDefaultAccessToUser(String userID,
                                        Entity entityType,
                                        String entityID)
                                 throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants a user with default access to a given stage.

Specified by:
grantDefaultAccessToUser in interface IAuthorizationManager
Parameters:
userID - the id of the user to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantDefaultAccessToUser(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

grantDefaultPublicAccess

public boolean grantDefaultPublicAccess(Entity entityType,
                                        String entityID)
                                 throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Grants with default public access to a given stage.

Specified by:
grantDefaultPublicAccess in interface IAuthorizationManager
Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if the operation was successful
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed
See Also:
IAuthorizationManager.grantDefaultPublicAccess(pt.digitalis.dif.dem.Entity, java.lang.String)

hasAccessGroup

public final boolean hasAccessGroup(IDIFGroup group,
                                    Entity entityType,
                                    String entityID)
                             throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if a group can access a given stage.

Specified by:
hasAccessGroup in interface IAuthorizationManager
Parameters:
group - the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if the group can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a needed resource for authorization checking can't be found
See Also:
IAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup, pt.digitalis.dif.dem.Entity, java.lang.String)

hasAccessGroup

public boolean hasAccessGroup(IDIFGroup group,
                              IApplication application)
                       throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if the group can access a given application. Will parse the DEM for inherited grants

Specified by:
hasAccessGroup in interface IAuthorizationManager
Parameters:
group - the group to grant access
application - the application to check
Returns:
T if the user can access the application, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup, pt.digitalis.dif.dem.interfaces.IApplication)

hasAccessGroup

public boolean hasAccessGroup(IDIFGroup group,
                              IService service)
                       throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if the group can access a given service. Will parse the DEM for inherited grants

Specified by:
hasAccessGroup in interface IAuthorizationManager
Parameters:
group - the group to grant access
service - the service to check
Returns:
T if the user can access the service, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup, pt.digitalis.dif.dem.interfaces.IService)

hasAccessGroup

public final boolean hasAccessGroup(IDIFGroup group,
                                    IStage stage)
                             throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if a group can access to a given stage.

Specified by:
hasAccessGroup in interface IAuthorizationManager
Parameters:
group - the group to grant access
stage - the stage to check
Returns:
T if the group can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a needed resource for authorization checking can't be found
See Also:
IAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup, pt.digitalis.dif.dem.interfaces.IStage)

hasAccessPublic

public final boolean hasAccessPublic(Entity entityType,
                                     String entityID)
Description copied from interface: IAuthorizationManager
Checks if the public can access to a given entity identified with a type and ID.

Specified by:
hasAccessPublic in interface IAuthorizationManager
Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
See Also:
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.Entity, java.lang.String)

hasAccessPublic

public boolean hasAccessPublic(IApplication application)
Description copied from interface: IAuthorizationManager
Checks if the public can access a given application.

Specified by:
hasAccessPublic in interface IAuthorizationManager
Parameters:
application - the application to check
Returns:
T if the public can access the application, F otherwise
See Also:
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IApplication)

hasAccessPublic

public boolean hasAccessPublic(IService service)
Description copied from interface: IAuthorizationManager
Checks if the public can access a given service.

Specified by:
hasAccessPublic in interface IAuthorizationManager
Parameters:
service - the stage to check
Returns:
T if the public can access the service, F otherwise
See Also:
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IService)

hasAccessPublic

public final boolean hasAccessPublic(IStage stage)
Description copied from interface: IAuthorizationManager
Checks if the public can access a given stage.

Specified by:
hasAccessPublic in interface IAuthorizationManager
Parameters:
stage - the stage to check
Returns:
T if the public can access the stage, F otherwise
See Also:
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IStage)

hasAccessUser

public final boolean hasAccessUser(IDIFUser user,
                                   Entity entityType,
                                   String entityID)
                            throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if a user can access to a given entity identified with a type and ID.

Specified by:
hasAccessUser in interface IAuthorizationManager
Parameters:
user - the the user to check access
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser, pt.digitalis.dif.dem.Entity, java.lang.String)

hasAccessUser

public boolean hasAccessUser(IDIFUser user,
                             IApplication application)
                      throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if the user can access a given application. Will parse the DEM for inherited grants

Specified by:
hasAccessUser in interface IAuthorizationManager
Parameters:
user - the user to check access
application - the application to check
Returns:
T if the user can access the application, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser, pt.digitalis.dif.dem.interfaces.IApplication)

hasAccessUser

public boolean hasAccessUser(IDIFUser user,
                             IService service)
                      throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if the user can access a given service. Will parse the DEM for inherited grants

Specified by:
hasAccessUser in interface IAuthorizationManager
Parameters:
user - the user to check access
service - the service to check
Returns:
T if the user can access the service, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser, pt.digitalis.dif.dem.interfaces.IService)

hasAccessUser

public final boolean hasAccessUser(IDIFUser user,
                                   IStage stage)
                            throws AuthorizationManagerException
Description copied from interface: IAuthorizationManager
Checks if the user can access a given stage. Will parse the DEM for inherited grants

Specified by:
hasAccessUser in interface IAuthorizationManager
Parameters:
user - the user to check access
stage - the stage to check
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed
See Also:
IAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser, pt.digitalis.dif.dem.interfaces.IStage)

revokeAccessFromGroup

public boolean revokeAccessFromGroup(String groupID,
                                     Entity entityType,
                                     String entityID)
Description copied from interface: IAuthorizationManager
Revokes the access of a group to a given stage.

Specified by:
revokeAccessFromGroup in interface IAuthorizationManager
Parameters:
groupID - the id of the group to revoke access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.
See Also:
IAuthorizationManager.revokeAccessFromGroup(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

revokeAccessFromPublic

public boolean revokeAccessFromPublic(Entity entityType,
                                      String entityID)
Description copied from interface: IAuthorizationManager
Revokes the public access to a given stage. AccessControl

Specified by:
revokeAccessFromPublic in interface IAuthorizationManager
Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.
See Also:
IAuthorizationManager.revokeAccessFromPublic(pt.digitalis.dif.dem.Entity, java.lang.String)

revokeAccessFromUser

public boolean revokeAccessFromUser(String userID,
                                    Entity entityType,
                                    String entityID)
Description copied from interface: IAuthorizationManager
Revokes the access of a user to a given stage.

Specified by:
revokeAccessFromUser in interface IAuthorizationManager
Parameters:
userID - the id of the user to revoke access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.
See Also:
IAuthorizationManager.revokeAccessFromUser(java.lang.String, pt.digitalis.dif.dem.Entity, java.lang.String)

revokeACLEntry

public boolean revokeACLEntry(ACLEntry entry)
Description copied from interface: IAuthorizationManager
Removes an ACL from the manager repository

Specified by:
revokeACLEntry in interface IAuthorizationManager
Parameters:
entry - the entry
Returns:
T if the operation was successful
See Also:
IAuthorizationManager.revokeACLEntry(pt.digitalis.dif.controller.security.objects.ACLEntry)

revokeAllAccessFromGroup

public boolean revokeAllAccessFromGroup(String groupID)
Description copied from interface: IAuthorizationManager
Revokes the access of a group to all entities.

Specified by:
revokeAllAccessFromGroup in interface IAuthorizationManager
Parameters:
groupID - the id of the group to revoke access
Returns:
T if access was revoked, F otherwise.
See Also:
IAuthorizationManager.revokeAllAccessFromGroup(java.lang.String)

revokeAllAccessFromUser

public boolean revokeAllAccessFromUser(String userID)
Description copied from interface: IAuthorizationManager
Revokes the access of a user to all entities.

Specified by:
revokeAllAccessFromUser in interface IAuthorizationManager
Parameters:
userID - the id of the user to revoke access
Returns:
T if access was revoked, F otherwise.
See Also:
IAuthorizationManager.revokeAllAccessFromUser(java.lang.String)

toString

public String toString()
Overrides:
toString in class Object
See Also:
Object.toString()
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2014 Digitalis Informática Lda. All Rights Reserved.