Class ComponentAccessController
- java.lang.Object
-
- org.silverpeas.core.security.authorization.AbstractAccessController<String>
-
- org.silverpeas.core.security.authorization.ComponentAccessController
-
- All Implemented Interfaces:
AccessController<String>
,ComponentAccessControl
@Service @Singleton public class ComponentAccessController extends AbstractAccessController<String> implements ComponentAccessControl
It controls the access of a user to a given Silverpeas component. A Silverpeas component can be either a Silverpeas application instance (like a Kmelia instance for example) or a user personal tool or an administrative tool.- Author:
- ehugonnet
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
ComponentAccessController.DataManager
Data manager.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
fillUserRoles(Set<SilverpeasRole> userRoles, AccessControlContext context, String userId, String componentId)
Fills in the specified set the roles the user plays for the given resource in Silverpeas according to the specified access context.Stream<String>
filterAuthorizedByUser(Collection<String> instanceIds, String userId, AccessControlContext context)
Filters the given object list in order to keep those the specified user is authorized on.boolean
isGroupAuthorized(String groupId, String instanceId)
Is the specified group authorized to access the given object with at least read privileges?boolean
isRightOnTopicsEnabled(String instanceId)
Indicates is the rights are set on node as well as the component.boolean
isUserAuthorized(String userId, String componentId, AccessControlContext context)
Checks if the specified user may access the specified object.-
Methods inherited from class org.silverpeas.core.security.authorization.AbstractAccessController
filterAuthorizedByUser, getUserRoles, isUserAuthorized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.silverpeas.core.security.authorization.AccessController
filterAuthorizedByUser, getUserRoles, isUserAuthorized, isUserAuthorized
-
Methods inherited from interface org.silverpeas.core.security.authorization.ComponentAccessControl
isUserAuthorized
-
-
-
-
Method Detail
-
isGroupAuthorized
public boolean isGroupAuthorized(String groupId, String instanceId)
Description copied from interface:AccessController
Is the specified group authorized to access the given object with at least read privileges? The roles of the group on the object aren't taken into account. The group should have at least the user role to access the object unless the object is public.- Specified by:
isGroupAuthorized
in interfaceAccessController<String>
- Parameters:
groupId
- the unique identifier of a group.instanceId
- the unique identifier of the object to be accessed.- Returns:
- true if the group can access the given object, false otherwise.
-
isRightOnTopicsEnabled
public boolean isRightOnTopicsEnabled(String instanceId)
Description copied from interface:ComponentAccessControl
Indicates is the rights are set on node as well as the component.- Specified by:
isRightOnTopicsEnabled
in interfaceComponentAccessControl
- Parameters:
instanceId
- the identifier of the component instance.- Returns:
- true if rights are enabled at node level, false otherwise.
-
filterAuthorizedByUser
public Stream<String> filterAuthorizedByUser(Collection<String> instanceIds, String userId, AccessControlContext context)
Description copied from interface:AccessController
Filters the given object list in order to keep those the specified user is authorized on.This aim of this method is to be as efficient as possible on large volume of data.
- Specified by:
filterAuthorizedByUser
in interfaceAccessController<String>
- Overrides:
filterAuthorizedByUser
in classAbstractAccessController<String>
- Parameters:
instanceIds
- the objects to filter.userId
- the unique identifier of the user.context
- the context in which the object is accessed.- Returns:
- true if access is granted - false otherwise.
-
isUserAuthorized
public boolean isUserAuthorized(String userId, String componentId, AccessControlContext context)
Description copied from interface:AccessController
Checks if the specified user may access the specified object.- Specified by:
isUserAuthorized
in interfaceAccessController<String>
- Parameters:
userId
- the unique identifier of the user.componentId
- the object to be accessed.context
- the context in which the object is accessed.- Returns:
- true if access is granted - false otherwise.
-
fillUserRoles
protected void fillUserRoles(Set<SilverpeasRole> userRoles, AccessControlContext context, String userId, String componentId)
Description copied from class:AbstractAccessController
Fills in the specified set the roles the user plays for the given resource in Silverpeas according to the specified access context.- Overrides:
fillUserRoles
in classAbstractAccessController<String>
- Parameters:
userRoles
- the set to fill in.context
- the context defining the type of access with some additional parameters.userId
- the unique identifier of the user.componentId
- the resource in Silverpeas accessed by the user.
-
-