Package org.silverpeas.core.security.authorization

Class NodeAccessController

java.lang.Object

org.silverpeas.core.security.authorization.AbstractAccessController<NodePK>

org.silverpeas.core.security.authorization.NodeAccessController

All Implemented Interfaces:

AccessController<NodePK>, NodeAccessControl

@Service
@Singleton
public class NodeAccessController
extends AbstractAccessController<NodePK>
implements NodeAccessControl

Check the access to a node for a user.

Author:

ehugonnet

Method Summary

Modifier and Type	Method	Description
protected void	fillUserRoles(Set<SilverpeasRole> userRoles, AccessControlContext context, String userId, NodePK nodePK)	This method must fill user roles into the given container by taking in account the other parameters.
Stream<NodePK>	filterAuthorizedByUser(Collection<NodePK> nodePks, String userId, AccessControlContext context)	Filters the given object list in order to keep those the specified user is authorized on.
boolean	isGroupAuthorized(String groupId, NodePK nodePK)	Is the specified group authorized to access the given object with at least read privileges?
boolean	isUserAuthorized(String userId, NodeDetail nodeDetail)	Using this method avoid to use perform database request in order to retrieve publication data.
boolean	isUserAuthorized(String userId, NodeDetail nodeDetail, AccessControlContext context)	Using this method avoid to use perform database request in order to retrieve publication data.
boolean	isUserAuthorized(String userId, NodePK nodePK, AccessControlContext context)	Checks if the specified user may access the specified object.
boolean	isUserAuthorized(String userId, ResourceIdentifier id)	Checks if the specified user may access the object with the specified identifier.

Methods inherited from class org.silverpeas.core.security.authorization.AbstractAccessController

filterAuthorizedByUser, getUserRoles, isUserAuthorized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.silverpeas.core.security.authorization.AccessController

filterAuthorizedByUser, getUserRoles, isUserAuthorized, isUserAuthorized

Method Detail

filterAuthorizedByUser

public Stream<NodePK> filterAuthorizedByUser(Collection<NodePK> nodePks,
                                             String userId,
                                             AccessControlContext context)

Description copied from interface: AccessController

Filters the given object list in order to keep those the specified user is authorized on.

This aim of this method is to be as efficient as possible on large volume of data.

Specified by:

filterAuthorizedByUser in interface AccessController<NodePK>

Overrides:

filterAuthorizedByUser in class AbstractAccessController<NodePK>

Parameters:

nodePks - the objects to filter.

userId - the unique identifier of the user.

context - the context in which the object is accessed.

Returns:

true if access is granted - false otherwise.

isUserAuthorized

public boolean isUserAuthorized(String userId,
                                ResourceIdentifier id)

Description copied from interface: AccessController

Checks if the specified user may access the object with the specified identifier.

Specified by:

isUserAuthorized in interface AccessController<NodePK>

Parameters:

userId - the unique identifier of the user.

id - the unique identifier of the object to be accessed in Silverpeas.

Returns:

true if access is granted - false otherwise.

isUserAuthorized

public boolean isUserAuthorized(String userId,
                                NodeDetail nodeDetail)

Description copied from interface: NodeAccessControl

Using this method avoid to use perform database request in order to retrieve publication data.

Specified by:

isUserAuthorized in interface NodeAccessControl

isUserAuthorized

public boolean isUserAuthorized(String userId,
                                NodeDetail nodeDetail,
                                AccessControlContext context)

Description copied from interface: NodeAccessControl

Using this method avoid to use perform database request in order to retrieve publication data.

Specified by:

isUserAuthorized in interface NodeAccessControl

isUserAuthorized

public boolean isUserAuthorized(String userId,
                                NodePK nodePK,
                                AccessControlContext context)

Description copied from interface: AccessController

Checks if the specified user may access the specified object.

Specified by:

isUserAuthorized in interface AccessController<NodePK>

Parameters:

userId - the unique identifier of the user.

nodePK - the object to be accessed.

context - the context in which the object is accessed.

Returns:

true if access is granted - false otherwise.

isGroupAuthorized

public boolean isGroupAuthorized(String groupId,
                                 NodePK nodePK)

Description copied from interface: AccessController

Is the specified group authorized to access the given object with at least read privileges? The roles of the group on the object aren't taken into account. The group should have at least the user role to access the object unless the object is public.

Specified by:

isGroupAuthorized in interface AccessController<NodePK>

Parameters:

groupId - the unique identifier of a group.

nodePK - the unique identifier of the object to be accessed.

Returns:

true if the group can access the given object, false otherwise.

fillUserRoles

protected void fillUserRoles(Set<SilverpeasRole> userRoles,
                             AccessControlContext context,
                             String userId,
                             NodePK nodePK)

Description copied from class: AbstractAccessController

This method must fill user roles into the given container by taking in account the other parameters.

Overrides:

fillUserRoles in class AbstractAccessController<NodePK>