org.jasig.portal.security.provider
Class DefaultPermissionPolicy

java.lang.Object
  extended by org.jasig.portal.security.provider.DefaultPermissionPolicy
All Implemented Interfaces:
IPermissionPolicy

public class DefaultPermissionPolicy
extends java.lang.Object
implements IPermissionPolicy

Implements a strategy for answering the basic authorization question: does the principal have permission to perform the activity on the target.

Version:
$Revision: 1.7 $
Author:
Dan Ellentuck (de3@columbia.edu)

Constructor Summary
DefaultPermissionPolicy()
          DefaultPermissionPolicy constructor.
 
Method Summary
 boolean doesPrincipalHavePermission(IAuthorizationService service, IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target)
          Answers if the owner has authorized the principal to perform the activity on the target, based on permissions provided by the service.
private  boolean permissionIsGranted(IPermission p)
          Checks that the permission is explicitly granted and not expired.
private  boolean primDoesPrincipalHavePermission(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target, IAuthorizationService service)
          Answers if this specific principal (as opposed to its parents) has the permission.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultPermissionPolicy

public DefaultPermissionPolicy()
DefaultPermissionPolicy constructor.

Method Detail

doesPrincipalHavePermission

public boolean doesPrincipalHavePermission(IAuthorizationService service,
                                           IAuthorizationPrincipal principal,
                                           java.lang.String owner,
                                           java.lang.String activity,
                                           java.lang.String target)
                                    throws AuthorizationException
Answers if the owner has authorized the principal to perform the activity on the target, based on permissions provided by the service. Params service, owner and activity must be non-null.

Specified by:
doesPrincipalHavePermission in interface IPermissionPolicy
Parameters:
service - org.jasig.portal.security.IAuthorizationService
principal - org.jasig.portal.security.IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
boolean
Throws:
AuthorizationException

permissionIsGranted

private boolean permissionIsGranted(IPermission p)
Checks that the permission is explicitly granted and not expired.

Parameters:
p - org.jasig.portal.security.IPermission
Returns:
boolean

primDoesPrincipalHavePermission

private boolean primDoesPrincipalHavePermission(IAuthorizationPrincipal principal,
                                                java.lang.String owner,
                                                java.lang.String activity,
                                                java.lang.String target,
                                                IAuthorizationService service)
                                         throws AuthorizationException
Answers if this specific principal (as opposed to its parents) has the permission.

Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved or was invalid.