|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.arsdigita.cms.SecurityManager
Security class used for checking and granting privileges in CMS.
Field Summary | |
static com.arsdigita.kernel.permissions.PrivilegeDescriptor |
CMS_PREVIEW_ITEM_DESCRIPTOR
|
static String |
versionId
|
Constructor Summary | |
SecurityManager(ContentSection section)
|
Method Summary | |
boolean |
canAccess(javax.servlet.http.HttpServletRequest request,
String action)
Determine whether the current user has access to a particular action. |
boolean |
canAccess(javax.servlet.http.HttpServletRequest request,
String action,
ContentItem item)
|
boolean |
canAccess(com.arsdigita.kernel.Party party,
String action)
Determine whether a party has access to a particular action. |
boolean |
canAccess(String action)
|
boolean |
canAccess(com.arsdigita.kernel.User user,
String action,
ContentItem item)
|
protected boolean |
canAdministerCategories(com.arsdigita.kernel.Party party)
|
protected boolean |
canAdministerContentTypes(com.arsdigita.kernel.Party party)
|
protected boolean |
canAdministerLifecycles(com.arsdigita.kernel.Party party)
Checking privileges. |
protected boolean |
canAdministerRoles(com.arsdigita.kernel.Party party)
|
protected boolean |
canAdministerRoles(com.arsdigita.kernel.Party party,
ContentItem item)
|
protected boolean |
canAdministerWorkflow(com.arsdigita.kernel.Party party)
|
protected boolean |
canApplyAlternateWorkflows(com.arsdigita.kernel.Party party)
|
protected boolean |
canApplyAlternateWorkflows(com.arsdigita.kernel.User user,
ContentItem item)
|
protected boolean |
canApplyWorkflow(com.arsdigita.kernel.User user,
ContentItem item)
Check if: |
protected boolean |
canCreateItems(com.arsdigita.kernel.Party party)
|
protected boolean |
canCreateItems(com.arsdigita.kernel.User user,
ContentItem item)
|
protected boolean |
canDeleteImages(com.arsdigita.kernel.Party party)
Returns true if the specified user has the CMS_ITEM_ADMIN permission on the current content item. |
protected boolean |
canDeleteItem(com.arsdigita.kernel.User user,
ContentItem item)
Check if the user has CMS_DELETE_ITEM privelege. |
protected boolean |
canEditItem(com.arsdigita.kernel.User user,
ContentItem item)
Check if: |
protected boolean |
canPublishItems(com.arsdigita.kernel.Party party)
|
protected boolean |
canPublishItems(com.arsdigita.kernel.Party party,
ContentItem item)
|
protected boolean |
canSchedulePublication(com.arsdigita.kernel.User user,
ContentItem item)
Check if: |
protected boolean |
canViewAdminPages(com.arsdigita.kernel.Party party)
Returns true if the specified party has the READ permission on the current content section. |
protected boolean |
canViewPreviewPages(com.arsdigita.kernel.Party party)
Returns true if the specified user has the CMS_PREVIEW_ITEM permission on the current content section. |
protected boolean |
canViewPreviewPages(com.arsdigita.kernel.User user,
ContentItem item)
Returns true if the specified user has the CMS_PREVIEW_ITEM permission on the current content item. |
protected boolean |
canViewPublicPages(com.arsdigita.kernel.Party party)
Returns true if the specified user has the CMS_READ_ITEM permission on the current content section. |
protected boolean |
canViewPublicPages(com.arsdigita.kernel.User user,
ContentItem item)
Returns true if the specified user has the CMS_READ_ITEM permission on the current content item. |
static void |
requireSignIn(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Redirects the user to the login page if not already signed in, setting the return url to the current request URI. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final String versionId
public static final com.arsdigita.kernel.permissions.PrivilegeDescriptor CMS_PREVIEW_ITEM_DESCRIPTOR
Constructor Detail |
public SecurityManager(ContentSection section)
Method Detail |
public final boolean canAccess(String action)
public boolean canAccess(com.arsdigita.kernel.Party party, String action)
canAccess
in interface com.arsdigita.toolbox.Security
party
- The partyaction
- The action
public boolean canAccess(javax.servlet.http.HttpServletRequest request, String action)
request
- The HTTP requestaction
- The action
public boolean canAccess(com.arsdigita.kernel.User user, String action, ContentItem item)
public boolean canAccess(javax.servlet.http.HttpServletRequest request, String action, ContentItem item)
protected boolean canAdministerLifecycles(com.arsdigita.kernel.Party party)
protected boolean canAdministerWorkflow(com.arsdigita.kernel.Party party)
protected boolean canAdministerRoles(com.arsdigita.kernel.Party party)
protected boolean canAdministerRoles(com.arsdigita.kernel.Party party, ContentItem item)
protected boolean canAdministerContentTypes(com.arsdigita.kernel.Party party)
protected boolean canAdministerCategories(com.arsdigita.kernel.Party party)
protected boolean canPublishItems(com.arsdigita.kernel.Party party)
protected boolean canPublishItems(com.arsdigita.kernel.Party party, ContentItem item)
protected boolean canCreateItems(com.arsdigita.kernel.Party party)
protected boolean canCreateItems(com.arsdigita.kernel.User user, ContentItem item)
protected boolean canApplyAlternateWorkflows(com.arsdigita.kernel.Party party)
protected boolean canApplyAlternateWorkflows(com.arsdigita.kernel.User user, ContentItem item)
protected boolean canViewPublicPages(com.arsdigita.kernel.Party party)
protected boolean canViewPublicPages(com.arsdigita.kernel.User user, ContentItem item)
protected boolean canViewPreviewPages(com.arsdigita.kernel.Party party)
protected boolean canViewPreviewPages(com.arsdigita.kernel.User user, ContentItem item)
protected boolean canViewAdminPages(com.arsdigita.kernel.Party party)
protected boolean canDeleteImages(com.arsdigita.kernel.Party party)
protected boolean canEditItem(com.arsdigita.kernel.User user, ContentItem item)
Check if:
user
- The useritem
- The content item
protected boolean canSchedulePublication(com.arsdigita.kernel.User user, ContentItem item)
Check if:
user
- The useritem
- The content item
protected boolean canDeleteItem(com.arsdigita.kernel.User user, ContentItem item)
user
- The useritem
- The content item
protected boolean canApplyWorkflow(com.arsdigita.kernel.User user, ContentItem item)
Check if:
user
- The useritem
- The content item
public static void requireSignIn(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
javax.servlet.ServletException
- If there is an exception thrown while
trying to redirect, wrap that exception in a ServletException
IOException
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |