|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jasig.portal.security.provider.AuthorizationImpl
public class AuthorizationImpl
Field Summary | |
---|---|
private boolean |
cachePermissions
variable to determine if we should cache permissions or not. |
private IPermissionPolicy |
defaultPermissionPolicy
The default Permission Policy this Authorization implementation will use. |
private static org.apache.commons.logging.Log |
log
Instance of log in order to log events. |
private java.lang.Class |
PERMISSION_SET_TYPE
The class representing the permission set type. |
private IPermissionStore |
permissionStore
Instance of the Permission Store for storing permission information. |
private static java.lang.String |
PRINCIPAL_SEPARATOR
Constant representing the separator used in the principal key. |
private java.util.Map |
principalCache
The cache to hold the list of principals. |
private static IAuthorizationService |
singleton
The static instance of the AuthorizationImpl for purposes of creating a AuthorizationImpl singleton. |
Constructor Summary | |
---|---|
protected |
AuthorizationImpl()
|
Method Summary | |
---|---|
void |
addPermissions(IPermission[] permissions)
Adds IPermissions to the back end store. |
protected void |
cacheAdd(IPermissionSet ps)
Adds the IPermissionSet to the entity cache. |
protected IPermissionSet |
cacheGet(IAuthorizationPrincipal principal)
Retrieves the IPermissionSet for the IPermissionSet
from the entity cache. |
protected void |
cacheRemove(IAuthorizationPrincipal ap)
Removes the IPermissionSet for this principal from the
entity cache. |
protected void |
cacheUpdate(IPermissionSet ps)
Updates the IPermissionSet in the entity cache. |
boolean |
canPrincipalPublish(IAuthorizationPrincipal principal)
This checks if the framework has granted principal a right to publish. |
boolean |
canPrincipalRender(IAuthorizationPrincipal principal,
int channelPublishId)
Answers if the principal has permission to RENDER this Channel. |
boolean |
canPrincipalSubscribe(IAuthorizationPrincipal principal,
int channelPublishId)
Answers if the principal has permission to SUBSCRIBE to this Channel. |
boolean |
doesPrincipalHavePermission(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Answers if the owner has given the principal (or any of its parents) permission to perform the activity on the target. |
boolean |
doesPrincipalHavePermission(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target,
IPermissionPolicy policy)
Answers if the owner has given the principal permission to perform the activity on the target, as evaluated by the policy. |
IPermission[] |
getAllPermissionsForPrincipal(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Returns the IPermissions owner has granted this Principal for
the specified activity and target. |
java.util.Vector |
getAuthorizedChannels(IAuthorizationPrincipal principal)
Does this mean all channels the principal could conceivably subscribe to or all channels principal is specifically authorized to subscribe to, or what? |
IAuthorizationPrincipal[] |
getAuthorizedPrincipals(java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Returns IAuthorizationPrincipals that have IPermissions for
the given owner, activity and target. |
protected IPermissionPolicy |
getDefaultPermissionPolicy()
|
IGroupMember |
getGroupMember(IAuthorizationPrincipal principal)
|
private IGroupMember |
getGroupMemberForPrincipal(IAuthorizationPrincipal principal)
|
private java.util.Iterator |
getGroupsForPrincipal(IAuthorizationPrincipal principal)
Hook into the Groups system by converting the IAuthorizationPrincipal to
an IGroupMember . |
private java.util.Iterator |
getInheritedPrincipals(IAuthorizationPrincipal principal)
Hook into the Groups system, find all containing groups, and convert the them to IAuthorizationPrincipals . |
IPermission[] |
getPermissionsForOwner(java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Returns the IPermissions owner has granted for the specified activity
and target. |
IPermission[] |
getPermissionsForPrincipal(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Returns the IPermissions owner has granted this Principal for
the specified activity and target. |
private IPermissionStore |
getPermissionStore()
|
IAuthorizationPrincipal |
getPrincipal(IPermission permission)
Returns IAuthorizationPrincipal associated with the IPermission . |
private IAuthorizationPrincipal |
getPrincipalForGroup(IEntityGroup group)
|
private IAuthorizationPrincipal[] |
getPrincipalsFromPermissions(IPermission[] permissions)
Returns IAuthorizationPrincipals associated with the IPermission[] . |
private java.lang.String |
getPrincipalString(java.lang.Class pType,
java.lang.String pKey)
|
java.lang.String |
getPrincipalString(IAuthorizationPrincipal principal)
Returns the String used by an IPermission to represent an
IAuthorizationPrincipal . |
IPermission[] |
getUncachedPermissionsForPrincipal(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target)
Returns the IPermissions owner has granted this Principal for
the specified activity and target. |
private void |
initialize()
|
IPermission |
newPermission(java.lang.String owner)
Factory method for an IPermission . |
IPermission |
newPermission(java.lang.String owner,
IAuthorizationPrincipal principal)
Factory method for an IPermission . |
IPermissionManager |
newPermissionManager(java.lang.String owner)
Factory method for IPermissionManager. |
IAuthorizationPrincipal |
newPrincipal(IGroupMember groupMember)
Converts an IGroupMember into an IAuthorizationPrincipal . |
IAuthorizationPrincipal |
newPrincipal(java.lang.String key,
java.lang.Class type)
Factory method for IAuthorizationPrincipal. |
IUpdatingPermissionManager |
newUpdatingPermissionManager(java.lang.String owner)
Factory method for IUpdatingPermissionManager. |
private IPermission[] |
primGetPermissionsForPrincipal(IAuthorizationPrincipal principal)
Returns permissions for a principal. |
private IPermission[] |
primGetPermissionsForPrincipal(IAuthorizationPrincipal principal,
java.lang.String owner,
java.lang.String activity,
java.lang.String target)
|
private IAuthorizationPrincipal |
primNewPrincipal(java.lang.String key,
java.lang.Class type)
|
private IPermission[] |
primRetrievePermissions(java.lang.String owner,
java.lang.String principal,
java.lang.String activity,
java.lang.String target)
|
private void |
removeFromPermissionsCache(IAuthorizationPrincipal[] principals)
Removes IPermissions for the IAuthorizationPrincipals from
the cache. |
private void |
removeFromPermissionsCache(IPermission[] permissions)
Removes IPermissions from the cache. |
void |
removePermissions(IPermission[] permissions)
Removes IPermissions from the back end store. |
protected void |
setDefaultPermissionPolicy(IPermissionPolicy newDefaultPermissionPolicy)
|
static IAuthorizationService |
singleton()
|
void |
updatePermissions(IPermission[] permissions)
Updates IPermissions in the back end store. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final org.apache.commons.logging.Log log
private static final java.lang.String PRINCIPAL_SEPARATOR
private static final IAuthorizationService singleton
private IPermissionStore permissionStore
private IPermissionPolicy defaultPermissionPolicy
private java.util.Map principalCache
private java.lang.Class PERMISSION_SET_TYPE
private boolean cachePermissions
Constructor Detail |
---|
protected AuthorizationImpl()
Method Detail |
---|
public void addPermissions(IPermission[] permissions) throws AuthorizationException
IPermissions
to the back end store.
addPermissions
in interface IAuthorizationService
permissions
- IPermission[]
AuthorizationException
protected void cacheAdd(IPermissionSet ps) throws AuthorizationException
IPermissionSet
to the entity cache.
AuthorizationException
protected IPermissionSet cacheGet(IAuthorizationPrincipal principal) throws AuthorizationException
IPermissionSet
for the IPermissionSet
from the entity cache.
AuthorizationException
protected void cacheRemove(IAuthorizationPrincipal ap) throws AuthorizationException
IPermissionSet
for this principal from the
entity cache.
AuthorizationException
protected void cacheUpdate(IPermissionSet ps) throws AuthorizationException
IPermissionSet
in the entity cache.
AuthorizationException
public boolean canPrincipalPublish(IAuthorizationPrincipal principal) throws AuthorizationException
canPrincipalPublish
in interface IAuthorizationService
principal
- IAuthorizationPrincipal
AuthorizationException
public boolean canPrincipalRender(IAuthorizationPrincipal principal, int channelPublishId) throws AuthorizationException
canPrincipalRender
in interface IAuthorizationService
principal
- IAuthorizationPrincipalchannelPublishId
- int
AuthorizationException
- indicates authorization information could not be retrieved.public boolean canPrincipalSubscribe(IAuthorizationPrincipal principal, int channelPublishId) throws AuthorizationException
canPrincipalSubscribe
in interface IAuthorizationService
principal
- IAuthorizationPrincipalchannelPublishId
- int
AuthorizationException
- indicates authorization information could not be retrieved.public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
owner
and
activity
must be non-null. If target
is null, then
target is not checked.
doesPrincipalHavePermission
in interface IAuthorizationService
principal
- IAuthorizationPrincipalowner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target, IPermissionPolicy policy) throws AuthorizationException
policy
, owner
and activity
must be non-null.
doesPrincipalHavePermission
in interface IAuthorizationService
principal
- IAuthorizationPrincipalowner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.public IPermission[] getAllPermissionsForPrincipal(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
IPermissions
owner has granted this Principal
for
the specified activity and target. Null parameters will be ignored, that is, all
IPermissions
matching the non-null parameters are retrieved. So,
getPermissions(principal,null, null, null)
should retrieve all IPermissions
for a Principal
. Note that this includes IPermissions
inherited
from groups the Principal
belongs to.
getAllPermissionsForPrincipal
in interface IAuthorizationService
principal
- IAuthorizationPrincipalowner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.public java.util.Vector getAuthorizedChannels(IAuthorizationPrincipal principal) throws AuthorizationException
getAuthorizedChannels
in interface IAuthorizationService
principal
- IAuthorizationPrincipal
AuthorizationException
- indicates authorization information could notpublic IAuthorizationPrincipal[] getAuthorizedPrincipals(java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
IAuthorizationPrincipals
that have IPermissions
for
the given owner, activity and target.
owner
- activity
- target
-
AuthorizationException
protected IPermissionPolicy getDefaultPermissionPolicy()
public IGroupMember getGroupMember(IAuthorizationPrincipal principal) throws GroupsException
getGroupMember
in interface IAuthorizationService
principal
- org.jasig.portal.security.IAuthorizationPrincipal
GroupsException
private IGroupMember getGroupMemberForPrincipal(IAuthorizationPrincipal principal) throws GroupsException
principal
- org.jasig.portal.security.IAuthorizationPrincipal
GroupsException
private java.util.Iterator getGroupsForPrincipal(IAuthorizationPrincipal principal) throws GroupsException
IAuthorizationPrincipal
to
an IGroupMember
. Returns ALL the groups the IGroupMember
(recursively) belongs to.
principal
- - org.jasig.portal.security.IAuthorizationPrincipal
GroupsException
private java.util.Iterator getInheritedPrincipals(IAuthorizationPrincipal principal) throws AuthorizationException
IAuthorizationPrincipals
.
principal
- - org.jasig.portal.security.IAuthorizationPrincipal
AuthorizationException
public IPermission[] getPermissionsForOwner(java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
IPermissions
owner has granted for the specified activity
and target. Null parameters will be ignored, that is, all IPermissions
matching the non-null parameters are retrieved.
getPermissionsForOwner
in interface IAuthorizationService
owner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.public IPermission[] getPermissionsForPrincipal(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
IPermissions
owner has granted this Principal
for
the specified activity and target. Null parameters will be ignored, that is, all
IPermissions
matching the non-null parameters are retrieved. So,
getPermissions(principal,null, null, null)
should retrieve all IPermissions
for a Principal
.
getPermissionsForPrincipal
in interface IAuthorizationService
principal
- IAuthorizationPrincipalowner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.private IPermissionStore getPermissionStore()
public IAuthorizationPrincipal getPrincipal(IPermission permission) throws AuthorizationException
IAuthorizationPrincipal
associated with the IPermission
.
getPrincipal
in interface IAuthorizationService
permission
- IPermission
AuthorizationException
private IAuthorizationPrincipal getPrincipalForGroup(IEntityGroup group)
group
-
private IAuthorizationPrincipal[] getPrincipalsFromPermissions(IPermission[] permissions) throws AuthorizationException
IAuthorizationPrincipals
associated with the IPermission[]
.
permissions
- IPermission[]
AuthorizationException
public java.lang.String getPrincipalString(IAuthorizationPrincipal principal)
IPermission
to represent an
IAuthorizationPrincipal
.
getPrincipalString
in interface IAuthorizationService
principal
- org.jasig.portal.security.IAuthorizationPrincipalprivate java.lang.String getPrincipalString(java.lang.Class pType, java.lang.String pKey)
public IPermission[] getUncachedPermissionsForPrincipal(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
IPermissions
owner has granted this Principal
for
the specified activity and target. Null parameters will be ignored, that is, all
IPermissions
matching the non-null parameters are retrieved. So,
getPermissions(principal,null, null, null)
should retrieve all IPermissions
for a Principal
. Ignore any cached IPermissions
.
principal
- IAuthorizationPrincipalowner
- java.lang.Stringactivity
- java.lang.Stringtarget
- java.lang.String
AuthorizationException
- indicates authorization information could not
be retrieved.private void initialize() throws java.lang.IllegalArgumentException
java.lang.IllegalArgumentException
public IPermission newPermission(java.lang.String owner)
IPermission
.
owner
- String
public IPermission newPermission(java.lang.String owner, IAuthorizationPrincipal principal)
IPermission
.
newPermission
in interface IAuthorizationService
owner
- Stringprincipal
- IAuthorizationPrincipal
public IPermissionManager newPermissionManager(java.lang.String owner)
newPermissionManager
in interface IAuthorizationService
owner
- java.lang.String
public IAuthorizationPrincipal newPrincipal(java.lang.String key, java.lang.Class type)
newPrincipal
in interface IAuthorizationService
key
- java.lang.Stringtype
- java.lang.Class
public IAuthorizationPrincipal newPrincipal(IGroupMember groupMember) throws GroupsException
IGroupMember
into an IAuthorizationPrincipal
.
newPrincipal
in interface IAuthorizationService
groupMember
- org.jasig.portal.groups.IGroupMember
GroupsException
private IAuthorizationPrincipal primNewPrincipal(java.lang.String key, java.lang.Class type)
public IUpdatingPermissionManager newUpdatingPermissionManager(java.lang.String owner)
newUpdatingPermissionManager
in interface IAuthorizationService
owner
- java.lang.String
private IPermission[] primGetPermissionsForPrincipal(IAuthorizationPrincipal principal) throws AuthorizationException
principal
- org.jasig.portal.security.IAuthorizationPrincipal
AuthorizationException
private IPermission[] primGetPermissionsForPrincipal(IAuthorizationPrincipal principal, java.lang.String owner, java.lang.String activity, java.lang.String target) throws AuthorizationException
principal
- org.jasig.portal.security.IAuthorizationPrincipalowner
- Stringactivity
- Stringtarget
- String
AuthorizationException
private IPermission[] primRetrievePermissions(java.lang.String owner, java.lang.String principal, java.lang.String activity, java.lang.String target) throws AuthorizationException
owner
- Stringprincipal
- Stringactivity
- Stringtarget
- String
AuthorizationException
private void removeFromPermissionsCache(IAuthorizationPrincipal[] principals) throws AuthorizationException
IPermissions
for the IAuthorizationPrincipals
from
the cache.
principals
- IAuthorizationPrincipal[]
AuthorizationException
private void removeFromPermissionsCache(IPermission[] permissions) throws AuthorizationException
IPermissions
from the cache.
permissions
- IPermission[]
AuthorizationException
public void removePermissions(IPermission[] permissions) throws AuthorizationException
IPermissions
from the back end store.
removePermissions
in interface IAuthorizationService
permissions
- IPermission[]
AuthorizationException
protected void setDefaultPermissionPolicy(IPermissionPolicy newDefaultPermissionPolicy)
newDefaultPermissionPolicy
- org.jasig.portal.security.IPermissionPolicypublic static IAuthorizationService singleton()
public void updatePermissions(IPermission[] permissions) throws AuthorizationException
IPermissions
in the back end store.
updatePermissions
in interface IAuthorizationService
permissions
- IPermission[]
AuthorizationException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |