|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.arsdigita.domain.DomainService
com.arsdigita.kernel.permissions.PermissionService
A utility class for controlling user access to domain/data objects.
PermissionDescriptor
Field Summary | |
static String |
versionId
|
Constructor Summary | |
PermissionService()
|
Method Summary | |
static void |
assertPermission(PermissionDescriptor permission)
Throws a PermissionException if the result of checkPermission on the given PermissionDescriptor is false. |
static boolean |
checkDirectPermission(PermissionDescriptor permission)
|
static boolean |
checkPermission(PermissionDescriptor permission)
Checks the permission represented by the passed in PermissionDescriptor . |
static void |
clonePermissions(ACSObject acsObject)
Adds explicit permissions to the object specified by acsObject to all permissions currently inherited from its permission context and resets the permissions context to null. |
static void |
clonePermissions(OID acsObjectOID)
Adds explicit permissions to the object specified by acsObjectOID to all permissions currently inherited from its permission context and resets the permissions context to null. |
static void |
filterObjects(DataCollection dataCollection,
PrivilegeDescriptor privilege,
OID userOID)
Filters a data collection to include only those objects that the specified user has the specified privilege on. |
static void |
filterObjects(DomainCollection domainCollection,
PrivilegeDescriptor privilege,
OID userOID)
Filters a domain collection to include only those objects that the specified user has the specified privilege on. |
static void |
filterQuery(DataQuery dataQuery,
String propertyName,
PrivilegeDescriptor privilege,
OID userOID)
Filters a data query to include only those results where the specified user has the specified privilege on the ACSObject identified by the specified property name. |
static DataObject |
getContext(ACSObject acsObject)
Returns the data object that serves as the permission context of the specified ACS object. |
static DataObject |
getContext(OID oid)
Returns the data object that serves as the permission context of the ACS object specified by OID. |
static ObjectPermissionCollection |
getDirectGrantedPermissions(OID acsObjectOID)
Returns the set of permissions that have been granted directly on the specified object, excluding those inherited from the object's permission context. |
static Iterator |
getDirectPrivileges(OID object,
OID party)
Gets the privileges that the specified party has been directly granted on the specified object. |
static Filter |
getFilterQuery(FilterFactory factory,
String propertyName,
PrivilegeDescriptor privilege,
OID partyOID)
Returns a Filter to include only those results where the specified user has the specified privilege on the ACSObject identified by the specified property name. |
static ObjectPermissionCollection |
getGrantedPermissions(OID acsObjectOID)
Returns the set of permissions that have been granted on the specified object, including those inherited from the object's permission context. |
static ObjectPermissionCollection |
getGrantedUniversalPermissions()
Returns the set of permissions that have been granted universally. |
static Iterator |
getImpliedPrivileges(OID object,
OID party)
Gets all the privileges that the specified party has on the specified object, including implied privileges. |
static Filter |
getObjectFilterQuery(FilterFactory factory,
String propertyName,
PrivilegeDescriptor privilege,
OID oid)
|
static Iterator |
getPrivileges(OID object,
OID party)
Gets the privileges that the specified party has on the specified object. |
static void |
grantPermission(PermissionDescriptor permission)
Grants the permission as specified by the PermissionDescriptor parameters. |
static boolean |
isEnabled()
Returns true if permission checks are currently enabled, false if they are disabled. |
static void |
objectFilterQuery(DataQuery dataQuery,
String propertyName,
PrivilegeDescriptor privilege,
OID objectOID)
Filters a data query that retrieves a list of users by only allowing the users who have access to the specified object. |
static void |
revokePartyPermissions(OID partyOID)
Revoke all permissions belonging to the specified party. |
static void |
revokePermission(PermissionDescriptor permission)
Revokes the permission that is specified by the passed in PermissionDescriptor . |
static void |
setContext(ACSObject acsObject,
ACSObject context)
Sets the permission context of the object specified by acsObject to the object specified by context. |
static void |
setContext(OID acsObjectOID,
OID contextOID)
Sets the permission context of the object specified by acsObjectOID to the object specified by contextOID. |
static void |
setEnabled(boolean value)
Used to enable or disable permission checks on a system wide basis. |
static void |
setPermissionManager(PermissionManager manager)
Sets the PermissionManager |
Methods inherited from class com.arsdigita.domain.DomainService |
add, add, clear, get, getDataCollection, getDataObject, remove, remove, set, setAssociation |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final String versionId
Constructor Detail |
public PermissionService()
Method Detail |
public static void setPermissionManager(PermissionManager manager)
manager
- The permission manager to use. If the value is null,
the default PermissionManager is used,public static final boolean isEnabled()
public static final void setEnabled(boolean value)
value
- If value is false then permission wide system checks are
disabled.public static void assertPermission(PermissionDescriptor permission)
permission
- the PermissionDescriptor
to checkpublic static boolean checkPermission(PermissionDescriptor permission)
PermissionDescriptor
.
permission
- the PermissionDescriptor
to
provide service to
true
if the PermissionDescriptor's base object has the
specified permission; false
otherwise.public static boolean checkDirectPermission(PermissionDescriptor permission)
public static void grantPermission(PermissionDescriptor permission)
permission
- the PermissionDescriptor to retrieveACSObject
,
PrivilegeDescriptor
public static void revokePermission(PermissionDescriptor permission)
PermissionDescriptor
.
permission
- the PermissionDescriptor that contains the
parameters of the permission to revokeACSObject
,
PrivilegeDescriptor
public static DataObject getContext(OID oid)
oid
- the OID of the ACS object
for which to retrieve the permission context
ACSObject
,
OID
public static DataObject getContext(ACSObject acsObject)
acsObject
- the ACS object for which to retrieve
the permission context
ACSObject
,
OID
public static void setContext(ACSObject acsObject, ACSObject context) throws PersistenceException
acsObject
- the object whose permission context is being
setcontext
- the object to set as the permission context
PersistenceException
- when the setting of the
permission context could not be saved.UniversalPermissionDescriptor
public static void setContext(OID acsObjectOID, OID contextOID) throws PersistenceException
acsObjectOID
- the object whose permission context is being
setcontextOID
- the object to set as the permission context
PersistenceException
- when the setting of the
permission context could not be saved.UniversalPermissionDescriptor
public static void clonePermissions(ACSObject acsObject) throws PersistenceException
acsObject
- the object whose permission context is being
set
PersistenceException
- when the setting of the
permission context could not be saved.public static void clonePermissions(OID acsObjectOID) throws PersistenceException
acsObjectOID
- the object whose permission context is being
set
PersistenceException
- when the setting of the
permission context could not be saved.public static ObjectPermissionCollection getGrantedPermissions(OID acsObjectOID)
acsObjectOID
- the OID of the ACS object whose permissions
are to be returned
public static ObjectPermissionCollection getDirectGrantedPermissions(OID acsObjectOID)
acsObjectOID
- the OID of the ACS object whose permissions
are to be returned
public static ObjectPermissionCollection getGrantedUniversalPermissions()
public static void filterObjects(DataCollection dataCollection, PrivilegeDescriptor privilege, OID userOID)
dataCollection
- the collection to filter. Must be
a collection of type ACSObject.privilege
- the required privilegeuserOID
- the OID of the user whose access is being filteredpublic static void filterObjects(DomainCollection domainCollection, PrivilegeDescriptor privilege, OID userOID)
domainCollection
- the collection to filterprivilege
- the required privilegeuserOID
- the OID of the user whose access is being filteredpublic static void filterQuery(DataQuery dataQuery, String propertyName, PrivilegeDescriptor privilege, OID userOID)
dataQuery
- the query to filterpropertyName
- the name of the query property that contains the
ID values to filter. (The values are assumed to be IDs of ACSObjects.)privilege
- the required privilegeuserOID
- the OID of the user whose access is being filteredpublic static void objectFilterQuery(DataQuery dataQuery, String propertyName, PrivilegeDescriptor privilege, OID objectOID)
dataQuery
- the query to filterpropertyName
- the name of the query property that contains the
ID values to filter.privilege
- the required privilegeobjectOID
- the OID of the object that the users are trying to accesspublic static Filter getFilterQuery(FilterFactory factory, String propertyName, PrivilegeDescriptor privilege, OID partyOID)
factory
- A FilterFactory to generate the filterpropertyName
- the name of the query property that contains the
ID values to filter. (The values are assumed to be IDs of ACSObjects.)privilege
- the required privilegepartyOID
- the OID of the user whose access is being filtered
public static Filter getObjectFilterQuery(FilterFactory factory, String propertyName, PrivilegeDescriptor privilege, OID oid)
public static Iterator getDirectPrivileges(OID object, OID party)
object
- the OID of the specified objectparty
- the OID of the specified partypublic static Iterator getPrivileges(OID object, OID party)
object
- the OID of the target object of the privileges to be returnedparty
- the OID of the party that privileges are to be returned for
public static Iterator getImpliedPrivileges(OID object, OID party)
object
- the OID of the target object of the privileges to be returnedparty
- the OID of the party that privileges are to be returned for
getPrivileges(OID, OID)
public static void revokePartyPermissions(OID partyOID)
partyOID
- OID of the party whose permissions are to be revoked.
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |