Interface AccessController<T>
-
- Type Parameters:
T- The type of object we are checking the access on.
- All Known Subinterfaces:
ComponentAccessControl,NodeAccessControl,PublicationAccessControl,SimpleDocumentAccessControl,SpaceAccessControl
- All Known Implementing Classes:
AbstractAccessController,ComponentAccessController,GrantedAccessController,NodeAccessController,PublicationAccessController,SimpleDocumentAccessController,SpaceAccessController
public interface AccessController<T>A controller of accesses on the Silverpeas resources by a user..- Author:
- ehugonnet
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description Stream<T>filterAuthorizedByUser(Collection<T> objects, String userId)Filters the given object list in order to keep those the specified user is authorized on.Stream<T>filterAuthorizedByUser(Collection<T> objects, String userId, AccessControlContext context)Filters the given object list in order to keep those the specified user is authorized on.Set<SilverpeasRole>getUserRoles(String userId, T object, AccessControlContext context)Gets the user roles about the aimed object and by taking in account the context of the access.default booleanisGroupAuthorized(String groupId, T object)Is the specified group authorized to access the given object with at least read privileges?booleanisUserAuthorized(String userId, ResourceIdentifier id)Checks if the specified user may access the object with the specified identifier.booleanisUserAuthorized(String userId, T object)Checks if the specified user may access the specified object.booleanisUserAuthorized(String userId, T object, AccessControlContext context)Checks if the specified user may access the specified object.default booleanisUserAuthorized(Set<SilverpeasRole> userRoles)Checks user authorization from the given role collection.
-
-
-
Method Detail
-
filterAuthorizedByUser
Stream<T> filterAuthorizedByUser(Collection<T> objects, String userId)
Filters the given object list in order to keep those the specified user is authorized on.This aim of this method is to be as efficient as possible on large volume of data.
- Parameters:
objects- the objects to filter.userId- the unique identifier of the user.- Returns:
- true if access is granted - false otherwise.
-
filterAuthorizedByUser
Stream<T> filterAuthorizedByUser(Collection<T> objects, String userId, AccessControlContext context)
Filters the given object list in order to keep those the specified user is authorized on.This aim of this method is to be as efficient as possible on large volume of data.
- Parameters:
objects- the objects to filter.userId- the unique identifier of the user.context- the context in which the object is accessed.- Returns:
- true if access is granted - false otherwise.
-
isUserAuthorized
default boolean isUserAuthorized(Set<SilverpeasRole> userRoles)
Checks user authorization from the given role collection.- Parameters:
userRoles- user roles.- Returns:
- true if user authorization, false otherwise.
-
isUserAuthorized
boolean isUserAuthorized(String userId, ResourceIdentifier id)
Checks if the specified user may access the object with the specified identifier.- Parameters:
userId- the unique identifier of the user.id- the unique identifier of the object to be accessed in Silverpeas.- Returns:
- true if access is granted - false otherwise.
-
isUserAuthorized
boolean isUserAuthorized(String userId, T object)
Checks if the specified user may access the specified object.- Parameters:
userId- the unique identifier of the user.object- the object to be accessed.- Returns:
- true if access is granted - false otherwise.
-
isUserAuthorized
boolean isUserAuthorized(String userId, T object, AccessControlContext context)
Checks if the specified user may access the specified object.- Parameters:
userId- the unique identifier of the user.object- the object to be accessed.context- the context in which the object is accessed.- Returns:
- true if access is granted - false otherwise.
-
getUserRoles
Set<SilverpeasRole> getUserRoles(String userId, T object, AccessControlContext context)
Gets the user roles about the aimed object and by taking in account the context of the access. After a first call, user role are cached (REQUEST live time) in order to increase the performances in case of several call on the same user and object.- Parameters:
userId- the unique identifier of the user.object- the object to be accessed.context- the context in which the object is accessed.- Returns:
- the role the user has about a resource and according to a context.
-
isGroupAuthorized
default boolean isGroupAuthorized(String groupId, T object)
Is the specified group authorized to access the given object with at least read privileges? The roles of the group on the object aren't taken into account. The group should have at least the user role to access the object unless the object is public.- Parameters:
groupId- the unique identifier of a group.object- the unique identifier of the object to be accessed.- Returns:
- true if the group can access the given object, false otherwise.
-
-