Class TurbineAccessControlListImpl
java.lang.Object
org.apache.fulcrum.security.model.turbine.TurbineAccessControlListImpl
- All Implemented Interfaces:
Serializable,AccessControlList,TurbineAccessControlList
This is a control class that makes it easy to find out if a
particular User has a given Permission. It also determines if a
User has a a particular Role.
- Version:
- $Id: TurbineAccessControlList.java 1096130 2019-03-25 10:37:19Z painter $
- Author:
- John D. McNally, Brett McLaughlin, Greg Ritter, Rafal Krzewski, Henning P. Schmiedehausen, Marco Knüttel
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionTurbineAccessControlListImpl(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet, GroupManager groupManager, RoleManager roleManager, TurbineModelManager modelManager, org.apache.avalon.framework.logger.Logger logger) Constructs a new AccessControlList. -
Method Summary
Modifier and TypeMethodDescriptionGroup[]Returns all groups defined in the system.Retrieves a set of Groups an user is assigned to.Retrieves a set of Permissions an user is assigned in the global Group.getPermissions(Group group) Retrieves a set of Permissions an user is assigned in a Group.getRoles()Retrieves a set of Roles an user is assigned in the global Group.Retrieves a set of Roles an user is assigned in a Group.booleanhasPermission(String permission) Checks if the user is assigned a specific Permission in the global Group.booleanhasPermission(String permission, String group) Checks if the user is assigned a specific Permission in the Group.booleanhasPermission(String permission, Group group) Checks if the user is assigned a specific Permission in the Group.booleanhasPermission(String permissionName, GroupSet groupset) Checks if the user is assigned a specific Permission in any of the given GroupsbooleanhasPermission(Permission permission) Checks if the user is assigned a specific Permission in the global Group.booleanhasPermission(Permission permission, Group group) Checks if the user is assigned a specific Permission in the Group.booleanhasPermission(Permission permission, GroupSet groupset) Checks if the user is assigned a specific Permission in any of the given GroupsbooleanChecks if the user is assigned a specific Role in the global Group.booleanChecks if the user is assigned a specific Role in the Group.booleanChecks if the user is assigned a specific Role in any of the given GroupsbooleanChecks if the user is assigned a specific Role in the global Group.booleanChecks if the user is assigned a specific Role in the Group.booleanChecks if the user is assigned a specific Role in any of the given Groups
-
Constructor Details
-
TurbineAccessControlListImpl
public TurbineAccessControlListImpl(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet, GroupManager groupManager, RoleManager roleManager, TurbineModelManager modelManager, org.apache.avalon.framework.logger.Logger logger) throws FulcrumSecurityException Constructs a new AccessControlList. This class follows 'immutable' pattern - it's objects can't be modified once they are created. This means that the permissions the users have are in effect form the moment they log in to the moment they log out, and changes made to the security settings in that time are not reflected in the state of this object. If you need to reset an user's permissions you need to invalidate his session.- Parameters:
turbineUserGroupRoleSet- The set of user/group/role relations that this acl is built fromgroupManager- the Group managerroleManager- the Role managermodelManager- the model Managerlogger-- Throws:
FulcrumSecurityException- if the global group cannot be retrieved
-
-
Method Details
-
getRoles
Retrieves a set of Roles an user is assigned in a Group.- Specified by:
getRolesin interfaceTurbineAccessControlList- Parameters:
group- the Group- Returns:
- the set of Roles this user has within the Group.
-
getRoles
Retrieves a set of Roles an user is assigned in the global Group.- Specified by:
getRolesin interfaceTurbineAccessControlList- Returns:
- the set of Roles this user has within the global Group or null.
-
getPermissions
Retrieves a set of Permissions an user is assigned in a Group.- Specified by:
getPermissionsin interfaceTurbineAccessControlList- Parameters:
group- the Group- Returns:
- the set of Permissions this user has within the Group.
-
getPermissions
Retrieves a set of Permissions an user is assigned in the global Group.- Specified by:
getPermissionsin interfaceTurbineAccessControlList- Returns:
- the set of Permissions this user has within the global Group.
-
hasRole
Checks if the user is assigned a specific Role in the Group.- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
role- the Rolegroup- the Group- Returns:
trueif the user is assigned the Role in the Group.
-
hasRole
Checks if the user is assigned a specific Role in any of the given Groups- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
role- the Rolegroupset- a Groupset- Returns:
trueif the user is assigned the Role in any of the given Groups.
-
hasRole
Checks if the user is assigned a specific Role in the Group.- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
roleName- the Role namegroupName- the Group name- Returns:
trueif the user is assigned the Role in the Group.
-
hasRole
Checks if the user is assigned a specific Role in any of the given Groups- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
rolename- the name of the Rolegroupset- a Groupset- Returns:
trueif the user is assigned the Role in any of the given Groups.
-
hasRole
Checks if the user is assigned a specific Role in the global Group.- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
role- the Role- Returns:
trueif the user is assigned the Role in the global Group.
-
hasRole
Checks if the user is assigned a specific Role in the global Group.- Specified by:
hasRolein interfaceTurbineAccessControlList- Parameters:
role- the Role- Returns:
trueif the user is assigned the Role in the global Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permissiongroup- the Group- Returns:
trueif the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in any of the given Groups- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permissiongroupset- a Groupset- Returns:
trueif the user is assigned the Permission in any of the given Groups.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permissiongroup- the Group- Returns:
trueif the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the Group.- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permissiongroup- the Group- Returns:
trueif the user is assigned the Permission in the Group.
-
hasPermission
Checks if the user is assigned a specific Permission in any of the given Groups- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permissionName- the name of the Permissiongroupset- a Groupset- Returns:
trueif the user is assigned the Permission in any of the given Groups.
-
hasPermission
Checks if the user is assigned a specific Permission in the global Group.- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permission- Returns:
trueif the user is assigned the Permission in the global Group.
-
hasPermission
Checks if the user is assigned a specific Permission in the global Group.- Specified by:
hasPermissionin interfaceTurbineAccessControlList- Parameters:
permission- the Permission- Returns:
trueif the user is assigned the Permission in the global Group.
-
getAllGroups
Returns all groups defined in the system. This is useful for debugging, when you want to display all roles and permissions an user is assigned. This method is needed because you can't call static methods of TurbineSecurity class from within WebMacro/Velocity template- Specified by:
getAllGroupsin interfaceTurbineAccessControlList- Returns:
- A Group [] of all groups in the system.
-
getGroupSet
Description copied from interface:TurbineAccessControlListRetrieves a set of Groups an user is assigned to.- Specified by:
getGroupSetin interfaceTurbineAccessControlList- Returns:
- the set of Groups this user is assigned to.
-