Interface UserPrivilegeValidation

  • All Known Implementing Classes:
    UserPrivilegeValidator

    public interface UserPrivilegeValidation
    Author:
    mmoquillon
    • Field Detail

      • HTTP_SESSIONKEY

        static final String HTTP_SESSIONKEY
        The HTTP header parameter in an incoming request that carries the user session key. A user token can also be passed through this parameter to perform an HTTP request without opening a session. This parameter isn't mandatory, as the session key can be found from an active HTTP session. If neither an HTTP session nor a session key is available for the incoming request, user credentials must be passed in the standard HTTP header parameter Authorization.
        See Also:
        Constant Field Values
      • HTTP_ACCESS_TOKEN

        static final String HTTP_ACCESS_TOKEN
        The name of the standard URI query parameter and of the standard form-encoded parameter to use in an HTTP request with a token-based authentication mechanism such as OAuth2.
        See Also:
        Constant Field Values
      • HTTP_AUTHORIZATION

        static final String HTTP_AUTHORIZATION
        The standard HTTP header parameter in an incoming request that carries user credentials information in order to open an authorized connection with the web service that backs the referred resource. This parameter must be used when requests aren't sent through an opened HTTP session. It should be the preferred way for a REST client to access resources in Silverpeas as it offers better scalability.
        See Also:
        Constant Field Values
    • Method Detail

      • validateUserAuthentication

        SessionInfo validateUserAuthentication(javax.servlet.http.HttpServletRequest request,
                                               javax.servlet.http.HttpServletResponse response)
        Validates the authentication of the user at the origin of a web request. The validation first checks that the user is already authenticated and then that they have a valid open session in Silverpeas. Otherwise it attempts to open a new session for the user by using the credentials passed through the request (as an HTTP header). Once the authentication succeeds, the user is identified and details about them can then be obtained, and the session information is set in the header(s) of the HTTP response. A runtime exception is thrown with the HTTP status code UNAUTHORIZED (401) on validation failure. The validation fails when one of the following situations occurs:
        • The user session key is invalid;
        • The user isn't authenticated and no credentials are passed with the request;
        • The user authentication failed.
        Parameters:
        request - the HTTP request from which the authentication of the caller can be done.
        response - the HTTP response that will be sent with the session information set in the header(s).
        Returns:
        the opened session of the user at the origin of the specified request.
        Throws:
        javax.ws.rs.WebApplicationException - exception if the validation failed.
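
The validation order described above, modelled as an added example in plain Java (not Silverpeas code). The header name, the `Unauthorized` class and the sample session store are hypothetical stand-ins, and giving a header key precedence over the HTTP session is an assumption.

```java
import java.util.Map;
import java.util.Set;

public class AuthenticationOrderModel {
    // Placeholder name: the real value of HTTP_SESSIONKEY is not given on this page.
    static final String SESSION_KEY_HEADER = "X-Placeholder-Session-Key";
    static final String AUTHORIZATION_HEADER = "Authorization";

    /** Stand-in for the WebApplicationException carrying status 401. */
    static class Unauthorized extends RuntimeException {
        Unauthorized(String reason) { super("401 UNAUTHORIZED: " + reason); }
    }

    // Constructed sample state: open session keys, and credentials mapped to a session key.
    static final Set<String> OPEN_SESSIONS = Set.of("key-of-alice");
    static final Map<String, String> ACCOUNTS = Map.of("Basic YWxpY2U6c2VjcmV0", "key-of-alice");

    /** Returns the session key the request runs under; httpSessionKey is null without an HTTP session. */
    static String validate(Map<String, String> headers, String httpSessionKey) {
        // Assumption: a key sent in the header takes precedence over the HTTP session.
        String key = headers.containsKey(SESSION_KEY_HEADER) ? headers.get(SESSION_KEY_HEADER) : httpSessionKey;
        if (key != null) {
            if (!OPEN_SESSIONS.contains(key)) {
                throw new Unauthorized("invalid session key"); // no fallback to credentials
            }
            return key; // already authenticated: no new session is opened
        }
        String credentials = headers.get(AUTHORIZATION_HEADER);
        if (credentials == null) {
            throw new Unauthorized("not authenticated and no credentials passed");
        }
        String opened = ACCOUNTS.get(credentials);
        if (opened == null) {
            throw new Unauthorized("authentication failed");
        }
        return opened; // new session opened from the Authorization header
    }

    public static void main(String[] args) {
        System.out.println(validate(Map.of(SESSION_KEY_HEADER, "key-of-alice"), null));
        System.out.println(validate(Map.of(AUTHORIZATION_HEADER, "Basic YWxpY2U6c2VjcmV0"), null));
        try { // a stale key fails even though valid credentials accompany it
            validate(Map.of(SESSION_KEY_HEADER, "stale", AUTHORIZATION_HEADER, "Basic YWxpY2U6c2VjcmV0"), null);
        } catch (Unauthorized e) {
            System.out.println(e.getMessage());
        }
    }
}
```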
      • validateUserAuthorizationOnComponentInstance

        void validateUserAuthorizationOnComponentInstance(User user,
                                                          String instanceId)
        Validates the authorization of the specified user to access the component instance with the specified unique identifier.
        Parameters:
        user - the user for whom the authorization has to be validated.
        instanceId - the unique identifier of the accessed component instance.
        Throws:
        javax.ws.rs.WebApplicationException - exception if the validation failed.
      • validateUserAuthorizationOnAttachment

        void validateUserAuthorizationOnAttachment(javax.servlet.http.HttpServletRequest request,
                                                   User user,
                                                   SimpleDocument doc)
        Validates the authorization of the specified user to access the specified attachment.
        Parameters:
        request - the HTTP request from which the authentication of the caller can be done.
        user - the user for whom the authorization has to be validated.
        doc - the document accessed.
        Throws:
        javax.ws.rs.WebApplicationException - exception if the validation failed.
      • validateUserAuthorizationOnPublication

        void validateUserAuthorizationOnPublication(javax.servlet.http.HttpServletRequest request,
                                                    User user,
                                                    PublicationDetail publi)
        Validates the authorization of the specified user to access the specified publication.
        Parameters:
        request - the HTTP request from which the authentication of the caller can be done.
        user - the user for whom the authorization has to be validated.
        publi - the publication accessed.
        Throws:
        javax.ws.rs.WebApplicationException - exception if the validation failed.