Class TurbineAccessControlListImpl
java.lang.Object
org.apache.fulcrum.security.model.turbine.TurbineAccessControlListImpl
- All Implemented Interfaces:
Serializable
,AccessControlList
,TurbineAccessControlList
This is a control class that makes it easy to find out if a
particular User has a given Permission. It also determines if a
User has a a particular Role.
- Version:
- $Id: TurbineAccessControlList.java 1096130 2019-03-25 10:37:19Z painter $
- Author:
- John D. McNally, Brett McLaughlin, Greg Ritter, Rafal Krzewski, Henning P. Schmiedehausen, Marco Knüttel
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionTurbineAccessControlListImpl
(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet, GroupManager groupManager, RoleManager roleManager, TurbineModelManager modelManager, org.apache.avalon.framework.logger.Logger logger) Constructs a new AccessControlList. -
Method Summary
Modifier and TypeMethodDescriptionGroup[]
Returns all groups defined in the system.Retrieves a set of Groups an user is assigned to.Retrieves a set of Permissions an user is assigned in the global Group.getPermissions
(Group group) Retrieves a set of Permissions an user is assigned in a Group.getRoles()
Retrieves a set of Roles an user is assigned in the global Group.Retrieves a set of Roles an user is assigned in a Group.boolean
hasPermission
(String permission) Checks if the user is assigned a specific Permission in the global Group.boolean
hasPermission
(String permission, String group) Checks if the user is assigned a specific Permission in the Group.boolean
hasPermission
(String permission, Group group) Checks if the user is assigned a specific Permission in the Group.boolean
hasPermission
(String permissionName, GroupSet groupset) Checks if the user is assigned a specific Permission in any of the given Groupsboolean
hasPermission
(Permission permission) Checks if the user is assigned a specific Permission in the global Group.boolean
hasPermission
(Permission permission, Group group) Checks if the user is assigned a specific Permission in the Group.boolean
hasPermission
(Permission permission, GroupSet groupset) Checks if the user is assigned a specific Permission in any of the given Groupsboolean
Checks if the user is assigned a specific Role in the global Group.boolean
Checks if the user is assigned a specific Role in the Group.boolean
Checks if the user is assigned a specific Role in any of the given Groupsboolean
Checks if the user is assigned a specific Role in the global Group.boolean
Checks if the user is assigned a specific Role in the Group.boolean
Checks if the user is assigned a specific Role in any of the given Groups
-
Constructor Details
-
TurbineAccessControlListImpl
public TurbineAccessControlListImpl(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet, GroupManager groupManager, RoleManager roleManager, TurbineModelManager modelManager, org.apache.avalon.framework.logger.Logger logger) throws FulcrumSecurityException Constructs a new AccessControlList. This class follows 'immutable' pattern - it's objects can't be modified once they are created. This means that the permissions the users have are in effect form the moment they log in to the moment they log out, and changes made to the security settings in that time are not reflected in the state of this object. If you need to reset an user's permissions you need to invalidate his session.- Parameters:
turbineUserGroupRoleSet
- The set of user/group/role relations that this acl is built fromgroupManager
- the Group managerroleManager
- the Role managermodelManager
- the model Managerlogger
-- Throws:
FulcrumSecurityException
- if the global group cannot be retrieved
-
-
Method Details
-
getRoles
Retrieves a set of Roles an user is assigned in a Group.- Specified by:
getRoles
in interfaceTurbineAccessControlList
- Parameters:
group
- the Group- Returns:
- the set of Roles this user has within the Group.
-
getRoles
Retrieves a set of Roles an user is assigned in the global Group.- Specified by:
getRoles
in interfaceTurbineAccessControlList
- Returns:
- the set of Roles this user has within the global Group or null.
-
getPermissions
Retrieves a set of Permissions an user is assigned in a Group.- Specified by:
getPermissions
in interfaceTurbineAccessControlList
- Parameters:
group
- the Group- Returns:
- the set of Permissions this user has within the Group.
-
getPermissions
Retrieves a set of Permissions an user is assigned in the global Group.- Specified by:
getPermissions
in interfaceTurbineAccessControlList
- Returns:
- the set of Permissions this user has within the global Group.
-
hasRole
Checks if the user is assigned a specific Role in the Group.- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
role
- the Rolegroup
- the Group- Returns:
true
if the user is assigned the Role in the Group.
-
hasRole
Checks if the user is assigned a specific Role in any of the given Groups- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
role
- the Rolegroupset
- a Groupset- Returns:
true
if the user is assigned the Role in any of the given Groups.
-
hasRole
Checks if the user is assigned a specific Role in the Group.- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
roleName
- the Role namegroupName
- the Group name- Returns:
true
if the user is assigned the Role in the Group.
-
hasRole
Checks if the user is assigned a specific Role in any of the given Groups- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
rolename
- the name of the Rolegroupset
- a Groupset- Returns:
true
if the user is assigned the Role in any of the given Groups.
-
hasRole
Checks if the user is assigned a specific Role in the global Group.- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
role
- the Role- Returns:
true
if the user is assigned the Role in the global Group.
-
hasRole
Checks if the user is assigned a specific Role in the global Group.- Specified by:
hasRole
in interfaceTurbineAccessControlList
- Parameters:
role
- the Role- Returns:
true
if the user is assigned the Role in the global Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permissiongroup
- the Group- Returns:
true
if the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in any of the given Groups- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permissiongroupset
- a Groupset- Returns:
true
if the user is assigned the Permission in any of the given Groups.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permissiongroup
- the Group- Returns:
true
if the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permissiongroup
- the Group- Returns:
true
if the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in any of the given Groups- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permissionName
- the name of the Permissiongroupset
- a Groupset- Returns:
true
if the user is assigned the Permission in any of the given Groups.
-
hasPermission
Checks if the user is assigned a specific Permission in the global Group.- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permission- Returns:
true
if the user is assigned the Permission in the global Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the global Group.- Specified by:
hasPermission
in interfaceTurbineAccessControlList
- Parameters:
permission
- the Permission- Returns:
true
if the user is assigned the Permission in the global Group.
-
getAllGroups
Returns all groups defined in the system. This is useful for debugging, when you want to display all roles and permissions an user is assigned. This method is needed because you can't call static methods of TurbineSecurity class from within WebMacro/Velocity template- Specified by:
getAllGroups
in interfaceTurbineAccessControlList
- Returns:
- A Group [] of all groups in the system.
-
getGroupSet
Description copied from interface:TurbineAccessControlList
Retrieves a set of Groups an user is assigned to.- Specified by:
getGroupSet
in interfaceTurbineAccessControlList
- Returns:
- the set of Groups this user is assigned to.
-