Package com.cmobilecom.af.model.system

Class AccessControlAccessorWrapper

  • public class AccessControlAccessorWrapper
extends java.lang.Object
    AccessControlAccessorWrapper wraps an AccessControlAccessor and an AccessControlContext instance. Delegate all method calls to the wrapped AccessControlAccessor.
    Since:
    5.0

    • Constructor Detail

      • AccessControlAccessorWrapper

        public AccessControlAccessorWrapper​(AccessControlAccessor wrapped,
                                    AccessControlContext context)
        Constructor with wrapped AccessControlAccessor and AccessControlContext instance
        Parameters:
        wrapped - wrapped AccessControlAccessor
        context - AccessControlContext instance, can be null

    • Method Detail

      • canAccessEntity

        public boolean canAccessEntity​(User user,
                               AccessType accessType,
                               DataDescriptor dd)
                        throws SystemException
        Can the user access the data described by the dataDescriptor? If the access control is not defined, the access is allowed.
        Parameters:
        user - the user who accesses data, can be null.
        accessType - access type
        dd - dataDescriptor
        Returns:
        true if allowed.
        Throws:
        SystemException - throw if an error occurs

      • canUserTakeAction

        public boolean canUserTakeAction​(User user,
                                 java.lang.String module,
                                 java.lang.String action)
                          throws SystemException
        Does the user has the permission to take the action?
        Parameters:
        user - the user who is going to take the action, can be null.
        module - the name of module that defines the action, can be null
        action - action name
        Returns:
        true if authorized to take the action
        Throws:
        SystemException - throw if an error occurs

      • canAccessProperty

        public boolean canAccessProperty​(User user,
                                 AccessType accessType,
                                 ModeType mode,
                                 java.lang.String property,
                                 DataDescriptor dd,
                                 boolean checkEntityAccess)
                          throws SystemException
        Can user access the property? If the access control for the property is not defined, the access is allowed. If checkEntityAccess is true, and the user can not access the entity in the mode, access to the property will be denied.
        Parameters:
        user - the user who is going to access the property
        accessType - VIEW or EDIT
        mode - entity show mode: create, view, edit, or query
        property - the property to access
        dd - entity/entityList descriptor
        checkEntityAccess - whether to check entity access first
        Returns:
        true if the user has the permission to access the property
        Throws:
        SystemException - throw if an error occurs

      • authorizeAccessEntityType

        public void authorizeAccessEntityType​(User user,
                                      AccessType accessType,
                                      java.lang.Class entityType)
                               throws AccessDeniedException,
                                      SystemException
        Check if the user can access the entity.
        Parameters:
        user - the user who is tested for the permission
        accessType - AccessType
        entityType - the entityType to be accessed
        Throws:
        AccessDeniedException - throw if access is denied
        SystemException - if any other error occurs

      • authorizeAccessProperty

        public void authorizeAccessProperty​(User user,
                                    AccessType accessType,
                                    ModeType mode,
                                    java.lang.String property,
                                    DataDescriptor dd,
                                    boolean checkEntityAccess)
                             throws AccessDeniedException,
                                    SystemException
        Check if the user can access the property.
        Parameters:
        user - the user who is tested for the permission
        accessType - AccessType
        mode - entity show mode: create, view, edit, or query
        property - the property to access
        dd - entity/entityList descriptor
        checkEntityAccess - whether to check entity access first
        Throws:
        AccessDeniedException - throw if access is denied
        SystemException - throw if any other error occurs

      • isUserHasPermission

        public boolean isUserHasPermission​(User user,
                                   ModuleScopedName modulePermission)
                            throws SystemException
        Does the user have the permission defined in the module?
        Parameters:
        user - user the user for whom to check permission
        modulePermission - module.permissionName
        Returns:
        true if the user has the permission
        Throws:
        SystemException - throw if an error occurs

      • isUserHasPermission

        public boolean isUserHasPermission​(User user,
                                   java.lang.String module,
                                   java.lang.String permission)
                            throws SystemException
        Does the user have the permission defined in the module? Both super role relation and super permission relation are supported. For example: 
          ManageXX is the super permission of CreateXX, EditXX, DeleteXX, ViewXX.
  EditXX is the super permission of ViewXX.
        Parameters:
        user - the user for whom to check permission. If user is null, return false.
        module - the module of the permission
        permission - the permission to check
        Returns:
        true if the user has the permission.
        Throws:
        SystemException - throw if an error occurs

      • canUserAccessType

        public boolean canUserAccessType​(User user,
                                 AccessType accessType,
                                 java.lang.Class entityType)
                          throws SystemException
        Whether the user has the permission to access the entityType.
        Parameters:
        user - the user who is tested for the permission
        accessType - AccessType
        entityType - the entityType to be managed
        Returns:
        true if the user has the permission
        Throws:
        SystemException - throw if an error occurs

      • isAccessTokenHasPermission

        public boolean isAccessTokenHasPermission​(AccessToken accessToken,
                                          java.lang.String scope,
                                          java.lang.String module,
                                          java.lang.String permission)
        Does the accessToken have the permission on the scope?
        Parameters:
        accessToken - an AccessToken
        scope - accessItem scope
        module - the module of the permission
        permission - permission name
        Returns:
        true or false
        Since:
        5.16