|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object pt.digitalis.dif.controller.security.managers.impl.AbstractAuthorizationManagerImpl
public abstract class AbstractAuthorizationManagerImpl
Provides an abstract implementation for the authorization manager.
Field Summary | |
---|---|
protected IDEMManager |
demManager
The DEM manager |
protected IIdentityManager |
identityManager
The identity manager |
Constructor Summary | |
---|---|
AbstractAuthorizationManagerImpl(IIdentityManager identityManager,
IDEMManager demManager)
Default constructor |
Method Summary | |
---|---|
boolean |
addACLEntry(ACLEntry entry)
Adds an ACL to the manager repository |
protected boolean |
addACLEntryToGroup(ACLEntry entry)
Adds a new entry to the group ACL. |
protected boolean |
addACLEntryToPublic(ACLEntry entry)
Adds a new entry to the group ACL. |
protected boolean |
addACLEntryToUser(ACLEntry entry)
Adds a new entry to the user ACL. |
protected boolean |
checkAccessToGroup(IDIFGroup group,
Entity entityType,
String entityID)
Check for access grants |
protected boolean |
checkAccessUser(IDIFUser user,
Entity entityType,
String entityID)
Check for access grants |
protected boolean |
checkGroupDirectAccess(IDIFGroup group,
Entity entityType,
String entityID)
Check if a group has access granted to entity |
protected boolean |
checkUserDirectAccess(IDIFUser user,
Entity entityType,
String entityID)
Implementation if a non-hierarchical check for direct access grants |
protected ACLEntry |
createGroupACLEntry(String groupID,
String entityID,
Entity entityType)
Creates an ACL entry for a group. |
protected ACLEntry |
createPublicACLEntry(String entityID,
Entity entityType)
Creates a public ACL entry for a given entity. |
protected ACLEntry |
createUserACLEntry(String userID,
String entityID,
Entity entityType)
Creates an ACL entry for a user. |
protected List<ACLEntry> |
doFindACLEntriesByUserInherited(String userID,
IDIFGroup group)
Implementation for finding inherited ACL entries for a user |
protected boolean |
doHasAccessPublic(Entity entityType,
String entityID)
Implementation if a non-hierarchical check for access grants |
List<ACLEntry> |
findACLEntriesByApplication(String applicationID)
Returns the ACL by application. |
List<ACLEntry> |
findACLEntriesByGroup(String groupID)
Returns the group ACL. |
List<ACLEntry> |
findACLEntriesByProvider(String providerID)
Returns ACL by provider. |
List<ACLEntry> |
findACLEntriesByService(String serviceID)
Returns the ACL by service. |
List<ACLEntry> |
findACLEntriesByStage(String stageID)
Returns the ACL by stage. |
List<ACLEntry> |
findACLEntriesByUser(String userID)
Returns the user ACL. |
List<ACLEntry> |
findACLEntriesByUserInherited(String userID)
Returns the user ACL, inheriting the ACL's from groups as well. |
List<ACLEntry> |
findPublicACLEntries()
Returns the public ACL. |
Map<String,Set<ACLEntry>> |
getGroupAccessControlList()
Inspector for the 'groupAccessControlList' attribute. |
Map<String,ACLEntry> |
getPublicAccessControlList()
Inspector for the 'publicAccessControlList' attribute. |
Map<String,Set<ACLEntry>> |
getUserAccessControlList()
Inspector for the 'userAccessControlList' attribute. |
boolean |
grantAccessToGroup(String groupID,
Entity entityType,
String entityID)
Grants a group with access to a given stage. |
boolean |
grantAccessToPublic(Entity entityType,
String entityID)
Grants the public with access to a given stage. |
boolean |
grantAccessToUser(String userID,
Entity entityType,
String entityID)
Grants a user with access to a given stage. |
boolean |
grantDefaultAccessToGroup(String groupID,
Entity entityType,
String entityID)
Grants a group with default access to a given stage. |
boolean |
grantDefaultAccessToUser(String userID,
Entity entityType,
String entityID)
Grants a user with default access to a given stage. |
boolean |
grantDefaultPublicAccess(Entity entityType,
String entityID)
Grants with default public access to a given stage. |
boolean |
hasAccessGroup(IDIFGroup group,
Entity entityType,
String entityID)
Checks if a group can access a given stage. |
boolean |
hasAccessGroup(IDIFGroup group,
IApplication application)
Checks if the group can access a given application. |
boolean |
hasAccessGroup(IDIFGroup group,
IService service)
Checks if the group can access a given service. |
boolean |
hasAccessGroup(IDIFGroup group,
IStage stage)
Checks if a group can access to a given stage. |
boolean |
hasAccessPublic(Entity entityType,
String entityID)
Checks if the public can access to a given entity identified with a type and ID. |
boolean |
hasAccessPublic(IApplication application)
Checks if the public can access a given application. |
boolean |
hasAccessPublic(IService service)
Checks if the public can access a given service. |
boolean |
hasAccessPublic(IStage stage)
Checks if the public can access a given stage. |
boolean |
hasAccessUser(IDIFUser user,
Entity entityType,
String entityID)
Checks if a user can access to a given entity identified with a type and ID. |
boolean |
hasAccessUser(IDIFUser user,
IApplication application)
Checks if the user can access a given application. |
boolean |
hasAccessUser(IDIFUser user,
IService service)
Checks if the user can access a given service. |
boolean |
hasAccessUser(IDIFUser user,
IStage stage)
Checks if the user can access a given stage. |
boolean |
revokeAccessFromGroup(String groupID,
Entity entityType,
String entityID)
Revokes the access of a group to a given stage. |
boolean |
revokeAccessFromPublic(Entity entityType,
String entityID)
Revokes the public access to a given stage. |
boolean |
revokeAccessFromUser(String userID,
Entity entityType,
String entityID)
Revokes the access of a user to a given stage. |
boolean |
revokeACLEntry(ACLEntry entry)
Removes an ACL from the manager repository |
boolean |
revokeAllAccessFromGroup(String groupID)
Revokes the access of a group to all entities. |
boolean |
revokeAllAccessFromUser(String userID)
Revokes the access of a user to all entities. |
String |
toString()
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
protected IDEMManager demManager
protected IIdentityManager identityManager
Constructor Detail |
---|
public AbstractAuthorizationManagerImpl(IIdentityManager identityManager, IDEMManager demManager)
identityManager
- the identity managerdemManager
- the DEM managerMethod Detail |
---|
public boolean addACLEntry(ACLEntry entry) throws AuthorizationManagerException
IAuthorizationManager
addACLEntry
in interface IAuthorizationManager
entry
- the entry
AuthorizationManagerException
- if a resource needed for adding authorization credentials can't be accessedIAuthorizationManager.addACLEntry(pt.digitalis.dif.controller.security.objects.ACLEntry)
protected boolean addACLEntryToGroup(ACLEntry entry) throws AuthorizationManagerException
entry
- the entry to add
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected boolean addACLEntryToPublic(ACLEntry entry) throws AuthorizationManagerException
entry
- the entry to add
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected boolean addACLEntryToUser(ACLEntry entry) throws AuthorizationManagerException
entry
- the entry to add
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected boolean checkAccessToGroup(IDIFGroup group, Entity entityType, String entityID) throws AuthorizationManagerException
group
- the group to checkentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected boolean checkAccessUser(IDIFUser user, Entity entityType, String entityID) throws AuthorizationManagerException
user
- the user to checkentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected boolean checkGroupDirectAccess(IDIFGroup group, Entity entityType, String entityID) throws AuthorizationManagerException
group
- the groupIdentityType
- the entity typeentityID
- the entity id
AuthorizationManagerException
- If a AuthorizationManager exception Occurrsprotected boolean checkUserDirectAccess(IDIFUser user, Entity entityType, String entityID) throws AuthorizationManagerException
user
- the user to checkentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedprotected ACLEntry createGroupACLEntry(String groupID, String entityID, Entity entityType)
groupID
- the group IDentityID
- the entity IDentityType
- the entity type
protected ACLEntry createPublicACLEntry(String entityID, Entity entityType)
entityID
- the entity IDentityType
- the entity type
protected ACLEntry createUserACLEntry(String userID, String entityID, Entity entityType)
userID
- the user IDentityID
- the entity IDentityType
- the entity type
protected List<ACLEntry> doFindACLEntriesByUserInherited(String userID, IDIFGroup group) throws IdentityManagerException
userID
- group
-
IdentityManagerException
protected boolean doHasAccessPublic(Entity entityType, String entityID)
entityType
- the entity typeentityID
- the entity ID
public List<ACLEntry> findACLEntriesByApplication(String applicationID)
IAuthorizationManager
findACLEntriesByApplication
in interface IAuthorizationManager
applicationID
- the application id
IAuthorizationManager.findACLEntriesByApplication(java.lang.String)
public List<ACLEntry> findACLEntriesByGroup(String groupID)
IAuthorizationManager
findACLEntriesByGroup
in interface IAuthorizationManager
groupID
- the group id
IAuthorizationManager.findACLEntriesByGroup(java.lang.String)
public List<ACLEntry> findACLEntriesByProvider(String providerID)
IAuthorizationManager
findACLEntriesByProvider
in interface IAuthorizationManager
providerID
- the provider id
IAuthorizationManager.findACLEntriesByProvider(java.lang.String)
public List<ACLEntry> findACLEntriesByService(String serviceID)
IAuthorizationManager
findACLEntriesByService
in interface IAuthorizationManager
serviceID
- the service id
IAuthorizationManager.findACLEntriesByService(java.lang.String)
public List<ACLEntry> findACLEntriesByStage(String stageID)
IAuthorizationManager
findACLEntriesByStage
in interface IAuthorizationManager
stageID
- the stage id
IAuthorizationManager.findACLEntriesByStage(java.lang.String)
public List<ACLEntry> findACLEntriesByUser(String userID)
IAuthorizationManager
findACLEntriesByUser
in interface IAuthorizationManager
userID
- the user id
IAuthorizationManager.findACLEntriesByUser(java.lang.String)
public List<ACLEntry> findACLEntriesByUserInherited(String userID) throws AuthorizationManagerException
IAuthorizationManager
findACLEntriesByUserInherited
in interface IAuthorizationManager
userID
- the user id
AuthorizationManagerException
IAuthorizationManager.findACLEntriesByUserInherited(java.lang.String)
public List<ACLEntry> findPublicACLEntries()
IAuthorizationManager
findPublicACLEntries
in interface IAuthorizationManager
IAuthorizationManager.findPublicACLEntries()
public Map<String,Set<ACLEntry>> getGroupAccessControlList()
public Map<String,ACLEntry> getPublicAccessControlList()
public Map<String,Set<ACLEntry>> getUserAccessControlList()
public boolean grantAccessToGroup(String groupID, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantAccessToGroup
in interface IAuthorizationManager
groupID
- the id of the group to grant accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.grantAccessToGroup(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean grantAccessToPublic(Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantAccessToPublic
in interface IAuthorizationManager
entityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.grantAccessToPublic(pt.digitalis.dif.dem.Entity,
java.lang.String)
public boolean grantAccessToUser(String userID, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantAccessToUser
in interface IAuthorizationManager
userID
- the id of the user to grant accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for granting authorization credentials can't be accessedIAuthorizationManager.grantAccessToUser(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean grantDefaultAccessToGroup(String groupID, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantDefaultAccessToGroup
in interface IAuthorizationManager
groupID
- the id of the group to grant accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.grantDefaultAccessToGroup(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean grantDefaultAccessToUser(String userID, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantDefaultAccessToUser
in interface IAuthorizationManager
userID
- the id of the user to grant accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for granting authorization credentials can't be accessedIAuthorizationManager.grantDefaultAccessToUser(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean grantDefaultPublicAccess(Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
grantDefaultPublicAccess
in interface IAuthorizationManager
entityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for granting authorization credentials can't be accessedIAuthorizationManager.grantDefaultPublicAccess(pt.digitalis.dif.dem.Entity,
java.lang.String)
public final boolean hasAccessGroup(IDIFGroup group, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
hasAccessGroup
in interface IAuthorizationManager
group
- the group to grant accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a needed resource for authorization checking can't be foundIAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean hasAccessGroup(IDIFGroup group, IApplication application) throws AuthorizationManagerException
IAuthorizationManager
hasAccessGroup
in interface IAuthorizationManager
group
- the group to grant accessapplication
- the application to check
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup,
pt.digitalis.dif.dem.interfaces.IApplication)
public boolean hasAccessGroup(IDIFGroup group, IService service) throws AuthorizationManagerException
IAuthorizationManager
hasAccessGroup
in interface IAuthorizationManager
group
- the group to grant accessservice
- the service to check
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup,
pt.digitalis.dif.dem.interfaces.IService)
public final boolean hasAccessGroup(IDIFGroup group, IStage stage) throws AuthorizationManagerException
IAuthorizationManager
hasAccessGroup
in interface IAuthorizationManager
group
- the group to grant accessstage
- the stage to check
AuthorizationManagerException
- if a needed resource for authorization checking can't be foundIAuthorizationManager.hasAccessGroup(pt.digitalis.dif.controller.security.objects.IDIFGroup,
pt.digitalis.dif.dem.interfaces.IStage)
public final boolean hasAccessPublic(Entity entityType, String entityID)
IAuthorizationManager
hasAccessPublic
in interface IAuthorizationManager
entityType
- the entity typeentityID
- the entity ID
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.Entity,
java.lang.String)
public boolean hasAccessPublic(IApplication application)
IAuthorizationManager
hasAccessPublic
in interface IAuthorizationManager
application
- the application to check
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IApplication)
public boolean hasAccessPublic(IService service)
IAuthorizationManager
hasAccessPublic
in interface IAuthorizationManager
service
- the stage to check
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IService)
public final boolean hasAccessPublic(IStage stage)
IAuthorizationManager
hasAccessPublic
in interface IAuthorizationManager
stage
- the stage to check
IAuthorizationManager.hasAccessPublic(pt.digitalis.dif.dem.interfaces.IStage)
public final boolean hasAccessUser(IDIFUser user, Entity entityType, String entityID) throws AuthorizationManagerException
IAuthorizationManager
hasAccessUser
in interface IAuthorizationManager
user
- the the user to check accessentityType
- the entity typeentityID
- the entity ID
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean hasAccessUser(IDIFUser user, IApplication application) throws AuthorizationManagerException
IAuthorizationManager
hasAccessUser
in interface IAuthorizationManager
user
- the user to check accessapplication
- the application to check
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser,
pt.digitalis.dif.dem.interfaces.IApplication)
public boolean hasAccessUser(IDIFUser user, IService service) throws AuthorizationManagerException
IAuthorizationManager
hasAccessUser
in interface IAuthorizationManager
user
- the user to check accessservice
- the service to check
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser,
pt.digitalis.dif.dem.interfaces.IService)
public final boolean hasAccessUser(IDIFUser user, IStage stage) throws AuthorizationManagerException
IAuthorizationManager
hasAccessUser
in interface IAuthorizationManager
user
- the user to check accessstage
- the stage to check
AuthorizationManagerException
- if a resource needed for checking authorization credentials can't be accessedIAuthorizationManager.hasAccessUser(pt.digitalis.dif.controller.security.objects.IDIFUser,
pt.digitalis.dif.dem.interfaces.IStage)
public boolean revokeAccessFromGroup(String groupID, Entity entityType, String entityID)
IAuthorizationManager
revokeAccessFromGroup
in interface IAuthorizationManager
groupID
- the id of the group to revoke accessentityType
- the entity typeentityID
- the entity ID
IAuthorizationManager.revokeAccessFromGroup(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean revokeAccessFromPublic(Entity entityType, String entityID)
IAuthorizationManager
revokeAccessFromPublic
in interface IAuthorizationManager
entityType
- the entity typeentityID
- the entity ID
IAuthorizationManager.revokeAccessFromPublic(pt.digitalis.dif.dem.Entity,
java.lang.String)
public boolean revokeAccessFromUser(String userID, Entity entityType, String entityID)
IAuthorizationManager
revokeAccessFromUser
in interface IAuthorizationManager
userID
- the id of the user to revoke accessentityType
- the entity typeentityID
- the entity ID
IAuthorizationManager.revokeAccessFromUser(java.lang.String,
pt.digitalis.dif.dem.Entity, java.lang.String)
public boolean revokeACLEntry(ACLEntry entry)
IAuthorizationManager
revokeACLEntry
in interface IAuthorizationManager
entry
- the entry
IAuthorizationManager.revokeACLEntry(pt.digitalis.dif.controller.security.objects.ACLEntry)
public boolean revokeAllAccessFromGroup(String groupID)
IAuthorizationManager
revokeAllAccessFromGroup
in interface IAuthorizationManager
groupID
- the id of the group to revoke access
IAuthorizationManager.revokeAllAccessFromGroup(java.lang.String)
public boolean revokeAllAccessFromUser(String userID)
IAuthorizationManager
revokeAllAccessFromUser
in interface IAuthorizationManager
userID
- the id of the user to revoke access
IAuthorizationManager.revokeAllAccessFromUser(java.lang.String)
public String toString()
toString
in class Object
Object.toString()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |