public class BasicRightPolicyFilter extends AbstractPolicyFilter implements RightPolicyFilter, PluginComponent
RightPolicyFilter| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
REVISION |
order| Constructor and Description |
|---|
BasicRightPolicyFilter() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
callCanBeReadBy(java.lang.Class clazz)
This convenient method is a simplfied version of
callCanBeReadBy(PublicationCriteria). |
boolean |
callCanBeReadBy(PublicationCriteria pubCriteria)
|
boolean |
canBeReadBy(boolean isAuthorized,
Category cat,
Group grp,
boolean checkAncestors)
Called by
Category.canBeReadBy(Group, boolean). |
boolean |
canBeReadBy(boolean isAuthorized,
Category cat,
Member mbr,
boolean searchInGroups,
boolean checkAncestors)
|
boolean |
canBeReadBy(boolean isAuthorized,
Group grp,
Member mbr)
Called by
Data.canBeReadBy(Member). |
boolean |
canBeReadBy(boolean isAuthorized,
Member mbrToRead,
Member mbrReading)
Checks if a member can read the specified Member.
|
boolean |
canBeReadBy(boolean isAuthorized,
Publication pub,
Group grp)
Called by
Publication.canBeReadBy(Group). |
boolean |
canBeReadBy(boolean isAuthorized,
Publication pub,
Member mbr,
boolean searchInGroups)
Called by
Publication.canBeReadBy(Member, boolean). |
boolean |
canCreateContact(boolean isAuthorized,
Member mbr)
Check if the given member can create a new contact.
|
boolean |
canCreateWorkspace(boolean isAuthorized,
Member mbr,
Workspace model)
Check if this member can create workspace :
- ex nihilo if model is null;
- by copiing model if model is not null.
|
boolean |
canDeleteOther(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
Workspace ws)
Check if this member can delete-other this clazz in at least one of the given workspace.
|
boolean |
canDeleteOther(boolean isAuthorized,
Member mbr,
Data data)
Check if this member can delete-other this instance.
|
boolean |
canManageCategory(boolean isAuthorized,
Member mbr,
Category cat,
boolean searchInGroups,
boolean searchInParent)
|
boolean |
canPublish(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
java.util.Set wsSet)
Check if this member can publish this clazz in at least one of the given workspace.
|
boolean |
canUpdateOther(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
Workspace ws)
Check if this member can update-other this clazz in at least one of the given workspace.
|
boolean |
canUpdateOther(boolean isAuthorized,
Member mbr,
Data data)
Check if this member can update-other this instance.
|
boolean |
canUseCategory(boolean isAuthorized,
Member mbr,
Category cat,
boolean searchInGroups,
boolean searchInParent)
|
boolean |
canWorkOn(boolean isAuthorized,
Publication pub,
Member member)
Called by
Member.canWorkOn(Publication). |
ControllerStatus |
canWorkOn(ControllerStatus status,
int op,
Member mbr,
Member member)
|
java.lang.Boolean |
checkAccess(Member member,
java.lang.String resource,
java.util.Map<java.lang.String,java.lang.Object> context)
The
checkAccess implementation of the BasicRightPolicyFilter does
not modify the default behavior of the AccessControlManager so ACL will be applied
as defined (ie : it returns null). |
boolean |
checkAfterUpload(DocUploadInfo info)
Checks if the uploaded file must be accepted or rejected.
|
boolean |
checkBeforeUpload(java.lang.String fieldName,
java.lang.String contentType,
java.lang.String fileName)
Checks if the uploaded file must be accepted or rejected.
|
ControllerStatus |
checkHtml(java.lang.String str,
java.lang.String field)
This method is called to check if the given string does not
contain forbidden HTML code
|
java.util.Set<Workspace> |
getWorkspaceSet(java.util.Set<Workspace> workspaceSet,
Member mbr)
Retrieve the workspace set of the specified Member.
|
boolean |
init(Plugin plugin)
Initialize the component with the given plugin configuration
|
boolean |
isAdmin(boolean isAdmin,
Member member,
Workspace ws)
Called by
Workspace.isAdmin(Member). |
boolean |
isWorker(boolean isWorker,
Member member,
Workspace ws)
Called by
Member.isWorker(Workspace) and Member.isWorker(). |
compareTo, equals, getOrder, setOrderclone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetOrderpublic static final java.lang.String REVISION
public boolean init(Plugin plugin)
PluginComponentinit in interface PluginComponentplugin - the calling pluginPluginComponent.init(Plugin)public boolean canUpdateOther(boolean isAuthorized,
Member mbr,
Data data)
RightPolicyFilterMember.canUpdateOther(Data)canUpdateOther in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkdata - the data to checkRightPolicyFilter.canUpdateOther(boolean, Member, Data)public boolean canDeleteOther(boolean isAuthorized,
Member mbr,
Data data)
RightPolicyFilterMember.canDeleteOther(Data)canDeleteOther in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkdata - the data to checkRightPolicyFilter.canDeleteOther(boolean, Member, Data)public boolean callCanBeReadBy(PublicationCriteria pubCriteria)
RightPolicyFilterHibernateUtil.queryPublication(PublicationCriteria).
It checks if the method RightPolicyFilter.canBeReadBy(boolean, Publication, Member, boolean) must be called on the results of the query.callCanBeReadBy in interface RightPolicyFilterpubCriteria - the criteria of the query.RightPolicyFilter.canBeReadBy(boolean, Publication, Member, boolean) must be called.RightPolicyFilter.callCanBeReadBy(PublicationCriteria)public boolean callCanBeReadBy(java.lang.Class clazz)
callCanBeReadBy(PublicationCriteria).clazz - the class to check (never null)canBeReadBy(boolean, Publication, Member, boolean) must be called for the given class.public boolean canBeReadBy(boolean isAuthorized,
Publication pub,
Member mbr,
boolean searchInGroups)
RightPolicyFilterPublication.canBeReadBy(Member, boolean). It checks if
a member can read the given publication.
WARNING: HIGHLY SENSIBLE, do not modify without being sure of what you do,
can dramatically impact performance and can break existing rights behaviour.canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionpub - the publication to checkmbr - the member to checksearchInGroups - if true check if one of the group this
member belongs to is authorized to read this publication.RightPolicyFilter.canBeReadBy(boolean, Publication, Member, boolean)public boolean canBeReadBy(boolean isAuthorized,
Publication pub,
Group grp)
RightPolicyFilterPublication.canBeReadBy(Group). It checks if
a group can read this publication.canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionpub - the publication to checkgrp - the group to checkRightPolicyFilter.canBeReadBy(boolean, Publication, Group)public boolean canWorkOn(boolean isAuthorized,
Publication pub,
Member member)
RightPolicyFilterMember.canWorkOn(Publication). It checks if the
given member can work on the given publication (ie, if it has the
rights and if it is in a state the member can work in).canWorkOn in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionpub - the publication to checkmember - the member to checkRightPolicyFilter.canWorkOn(boolean, Publication, Member)public ControllerStatus canWorkOn(ControllerStatus status, int op, Member mbr, Member member)
RightPolicyFilterMember.checkMember(int, Member, java.util.Map). It checks if the
given member can work on the given member.canWorkOn in interface RightPolicyFilterstatus - the internal JCMS controller status.op - the operation (OP_CREATE, OP_UPDATE, OP_DELETE)mbr - the member to work onmember - the member to checkRightPolicyFilter.canWorkOn(ControllerStatus, int, Member, Member)public boolean isWorker(boolean isWorker,
Member member,
Workspace ws)
RightPolicyFilterMember.isWorker(Workspace) and Member.isWorker(). It checks
if the given Member is a Worker for the site or the given workspaceisWorker in interface RightPolicyFilterisWorker - true if internal JCMS control authorized the member to perform this actionmember - the member to checkws - the workspace to check or null if caller is Member.isWorker()RightPolicyFilter.isWorker(boolean, Member, Workspace)public boolean canPublish(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
java.util.Set wsSet)
RightPolicyFilterMember.canPublish(Class, Set)canPublish in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkclazz - the class to checkwsSet - the Set of workspace to work withRightPolicyFilter.canPublish(boolean, Member, Class, Set)public boolean canUpdateOther(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
Workspace ws)
RightPolicyFilterMember.canUpdateOther(Class, Workspace)canUpdateOther in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkclazz - the class to checkws - the Workspace to checkRightPolicyFilter.canUpdateOther(boolean, Member, Class, Workspace)public boolean canDeleteOther(boolean isAuthorized,
Member mbr,
java.lang.Class clazz,
Workspace ws)
RightPolicyFilterMember.canDeleteOther(Class, Workspace)canDeleteOther in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkclazz - the class to checkws - the Workspace to checkRightPolicyFilter.canDeleteOther(boolean, Member, Class, Workspace)public boolean canBeReadBy(boolean isAuthorized,
Category cat,
Member mbr,
boolean searchInGroups,
boolean checkAncestors)
RightPolicyFilterCategory.canBeReadBy(Member, boolean, boolean). It checks if
a member can read the given category.canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actioncat - the category to checkmbr - the member to checksearchInGroups - if true check if one of the group this
member belongs to is authorized to read this category.checkAncestors - if true checks the read rights of the ancestors of this category.RightPolicyFilter.canBeReadBy(boolean, Category, Member, boolean, boolean)public boolean canBeReadBy(boolean isAuthorized,
Category cat,
Group grp,
boolean checkAncestors)
RightPolicyFilterCategory.canBeReadBy(Group, boolean). It checks if
a group can read this category.canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actioncat - the category to checkgrp - the group to checkcheckAncestors - if true checks the read rights of the ancestors of this category.RightPolicyFilter.canBeReadBy(boolean, Category, Group, boolean)public boolean canUseCategory(boolean isAuthorized,
Member mbr,
Category cat,
boolean searchInGroups,
boolean searchInParent)
RightPolicyFilterMember.canUseCategory(Category, boolean, boolean). It check if a category
can be used by given Member.
Note In current implementation:
canUseCategory in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkcat - the category to checksearchInGroups - if true check if one of the group thissearchInParent - if true check in parent categoryRightPolicyFilter.canUseCategory(boolean, Member, Category, boolean, boolean)public boolean canManageCategory(boolean isAuthorized,
Member mbr,
Category cat,
boolean searchInGroups,
boolean searchInParent)
RightPolicyFilterMember.canManageCategory(Category, boolean, boolean). It check if a category
can be managed by given MembercanManageCategory in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkcat - the category to checksearchInGroups - if true check if one of the group thissearchInParent - if true check in parent categoryRightPolicyFilter.canManageCategory(boolean, Member, Category, boolean, boolean)public boolean canCreateWorkspace(boolean isAuthorized,
Member mbr,
Workspace model)
RightPolicyFilterMember.canCreateWorkspace(Workspace)canCreateWorkspace in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkmodel - the workspace to duplicate or null if the workspace has to be created ex nihiloRightPolicyFilter.canCreateWorkspace(boolean, Member, Workspace)public java.util.Set<Workspace> getWorkspaceSet(java.util.Set<Workspace> workspaceSet, Member mbr)
RightPolicyFilter
This method is called by Member.getWorkspaceSet().
You MUST NOT (and cannot) modify the workspaceSet received in parameters, create a
new TreeSet of workspace and return it.
getWorkspaceSet in interface RightPolicyFilterworkspaceSet - the workspace set computed by internal JCMS routinembr - the member for which the workspace set is computedRightPolicyFilter.getWorkspaceSet(Set, Member)public boolean isAdmin(boolean isAdmin,
Member member,
Workspace ws)
RightPolicyFilterWorkspace.isAdmin(Member). It checks
if the given Member is an administrator for the specified workspace.
If you change the default behavior for a Member, you should also implement
get RightPolicyFilter.getWorkspaceSet(Set, Member) (see issue JCMS-2601 for a implementation example).
isAdmin in interface RightPolicyFilterisAdmin - true if internal JCMS control found member as admin of workspacemember - the member to checkws - the workspace to check, never nullRightPolicyFilter.isAdmin(boolean, Member, Workspace)public boolean canCreateContact(boolean isAuthorized,
Member mbr)
RightPolicyFiltercanCreateContact in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbr - the member to checkpublic boolean canBeReadBy(boolean isAuthorized,
Group grp,
Member mbr)
RightPolicyFilterData.canBeReadBy(Member). It checks if
a member can read this group.canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actiongrp - the groupmbr - the memberpublic boolean canBeReadBy(boolean isAuthorized,
Member mbrToRead,
Member mbrReading)
RightPolicyFilter
Invoked by internal implementation of Data.canBeReadBy(Member).
canBeReadBy in interface RightPolicyFilterisAuthorized - true if internal JCMS control authorized the member to perform this actionmbrToRead - the Member that would be readmbrReading - the Member performing the read operationpublic boolean checkBeforeUpload(java.lang.String fieldName,
java.lang.String contentType,
java.lang.String fileName)
RightPolicyFiltercheckBeforeUpload in interface RightPolicyFilterfieldName - the name of the field for the given filecontentType - the content type of the filefileName - the name of the fileRightPolicyFilter.checkBeforeUpload(String, String, String)public boolean checkAfterUpload(DocUploadInfo info)
RightPolicyFiltercheckAfterUpload in interface RightPolicyFilterinfo - information about the uploaded fileRightPolicyFilter.checkAfterUpload(DocUploadInfo)public ControllerStatus checkHtml(java.lang.String str, java.lang.String field)
RightPolicyFiltercheckHtml in interface RightPolicyFilterstr - the String to be checkedfield - the name of the field which is checkedRightPolicyFilter.checkHtml(String, String)public java.lang.Boolean checkAccess(Member member, java.lang.String resource, java.util.Map<java.lang.String,java.lang.Object> context)
checkAccess implementation of the BasicRightPolicyFilter does
not modify the default behavior of the AccessControlManager so ACL will be applied
as defined (ie : it returns null).checkAccess in interface RightPolicyFiltermember - the Member for which access right is verifiedresource - a resource URI using a path representation, eg "admin/dev/store-cleaner"context - an optional context map containing relevant information such as workspace or dataRightPolicyFilter.checkAccess(Member, String, Map)Copyright © 2001-2019 Jalios SA. All Rights Reserved.