com.jalios.jcms.policy
Interface RightPolicyFilter

All Superinterfaces:

Comparable, PluginComponent, PolicyFilter

All Known Implementing Classes:

BasicRightPolicyFilter, UnzipRightPolicyFilter

public interface RightPolicyFilter
extends PolicyFilter

The RightPolicyFilter is a hook called JCMS Rights mecanism to handle custom rights. It handle upload, behavior, management and visibility rights. It DO NOT handle create/update/delete rights. for this purpose use DataController.

Since:

jcms-5.7.0

Version:

$Revision: 24054 $

Author:

Jean-Philippe Encausse

Field Summary

static String

REVISION

Method Summary

boolean	canBeReadBy(boolean isAuthorized, Category cat, Group grp, boolean checkAncestors) Called by Category.canBeReadBy(Group, boolean).
boolean	canBeReadBy(boolean isAuthorized, Category cat, Member mbr, boolean searchInGroups, boolean checkAncestors) Called by Category.canBeReadBy(Member, boolean, boolean).
boolean	canBeReadBy(boolean isAuthorized, Publication pub, Group grp) Called by Publication.canBeReadBy(Group).
boolean	canBeReadBy(boolean isAuthorized, Publication pub, Member mbr, boolean searchInGroups) Called by Publication.canBeReadBy(Member, boolean).
boolean	canCreateWorkspace(boolean isAuthorized, Member mbr, Workspace model) Check if this member can create workspace : - ex nihilo if model is null; - by copiing model if model is not null.
boolean	canDeleteOther(boolean isAuthorized, Member mbr, Class clazz, Workspace ws) Check if this member can delete-other this clazz in at least one of the given workspace.
boolean	canDeleteOther(boolean isAuthorized, Member mbr, Data data) Check if this member can delete-other this instance.
boolean	canManageCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent) Called by Member.canManageCategory(Category, boolean, boolean).
boolean	canPublish(boolean isAuthorized, Member mbr, Class clazz, Set wsSet) Check if this member can publish this clazz in at least one of the given workspace.
boolean	canUpdateOther(boolean isAuthorized, Member mbr, Class clazz, Workspace ws) Check if this member can update-other this clazz in at least one of the given workspace.
boolean	canUpdateOther(boolean isAuthorized, Member mbr, Data data) Check if this member can update-other this instance.
boolean	canUseCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent) Called by Member.canUseCategory(Category, boolean, boolean).
boolean	canWorkOn(boolean isAuthorized, Publication pub, Member member) Called by Member.canWorkOn(Publication).
ControllerStatus	canWorkOn(ControllerStatus status, int op, Member mbr, Member member) Called by Member.checkMember(int, Member, java.util.Map).
boolean	checkAfterUpload(DocUploadInfo info) Checks if the uploaded file must be accepted or rejected.
boolean	checkBeforeUpload(String fieldName, String contentType, String fileName) Checks if the uploaded file must be accepted or rejected.
ControllerStatus	checkHtml(String str, String field) This method is called to check if the given string does not contain forbidden HTML code
int	getOrder() Returns object orders value.
boolean	isWorker(boolean isWorker, Member member, Workspace ws) Called by Member.isWorker(Workspace) and Member.isWorker().

Methods inherited from interface java.lang.Comparable

compareTo

Methods inherited from interface com.jalios.jcms.plugin.PluginComponent

init

Field Detail

REVISION

static final String REVISION

See Also:

Constant Field Values

Method Detail

canUpdateOther

boolean canUpdateOther(boolean isAuthorized,
                       Member mbr,
                       Data data)

Check if this member can update-other this instance. This method is called by Member.canUpdateOther(Data)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

data - the data to check

Returns:

true it the given member can update given instances

canDeleteOther

boolean canDeleteOther(boolean isAuthorized,
                       Member mbr,
                       Data data)

Check if this member can delete-other this instance. This method is called by Member.canDeleteOther(Data)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

data - the data to check

Returns:

true it the given member can delete given instances

canBeReadBy

boolean canBeReadBy(boolean isAuthorized,
                    Publication pub,
                    Member mbr,
                    boolean searchInGroups)

Called by Publication.canBeReadBy(Member, boolean). It checks if a member can read the given publication. WARNING: HIGHLY SENSIBLE, do not modify without being sure of what you do, can dramatically impact performance and can break existing rights behaviour.

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

pub - the publication to check

mbr - the member to check

searchInGroups - if true check if one of the group this member belongs to is authorized to read this publication.

Returns:

true if the member can read this publication

Since:

jcms-4.1

canBeReadBy

boolean canBeReadBy(boolean isAuthorized,
                    Publication pub,
                    Group grp)

Called by Publication.canBeReadBy(Group). It checks if a group can read this publication.

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

pub - the publication to check

grp - the group to check

Returns:

true if the group can read this publication

Since:

jcms-4.1

canWorkOn

boolean canWorkOn(boolean isAuthorized,
                  Publication pub,
                  Member member)

Called by Member.canWorkOn(Publication). It checks if the given member can work on the given publication (ie, if it has the rights and if it is in a state the member can work in).

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

pub - the publication to check

member - the member to check

Returns:

true if the member can work on the publication

Since:

jcms-5.0.0

canWorkOn

ControllerStatus canWorkOn(ControllerStatus status,
                           int op,
                           Member mbr,
                           Member member)

Called by Member.checkMember(int, Member, java.util.Map). It checks if the given member can work on the given publication (ie, if it has the rights and if it is in a state the member can work in).

Parameters:

status - the internal JCMS controller status.

op - the operation (OP_CREATE, OP_UPDATE, OP_DELETE)

mbr - the member to check

member - the member to check

Returns:

true if the member can work on the publication

Since:

jcms-6.1.0

isWorker

boolean isWorker(boolean isWorker,
                 Member member,
                 Workspace ws)

Called by Member.isWorker(Workspace) and Member.isWorker(). It checks if the given Member is a Worker for the site or the given workspace

Parameters:

isWorker - true if internal JCMS control authorized the member to perform this action

member - the member to check

ws - the workspace to check or null if caller is Member.isWorker()

Returns:

true if given Member is a Worker

Since:

jcms-5.7.1

canPublish

boolean canPublish(boolean isAuthorized,
                   Member mbr,
                   Class clazz,
                   Set wsSet)

Check if this member can publish this clazz in at least one of the given workspace. This method is called by Member.canPublish(Class, Set)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

clazz - the class to check

wsSet - the Set ow workspace to work with

Returns:

true it the given member can publish the given class

canUpdateOther

boolean canUpdateOther(boolean isAuthorized,
                       Member mbr,
                       Class clazz,
                       Workspace ws)

Check if this member can update-other this clazz in at least one of the given workspace. This method is called by Member.canUpdateOther(Class, Workspace)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

clazz - the class to check

ws - the Workspace to check

Returns:

true it the given member can update instances of the given class

canDeleteOther

boolean canDeleteOther(boolean isAuthorized,
                       Member mbr,
                       Class clazz,
                       Workspace ws)

Check if this member can delete-other this clazz in at least one of the given workspace. This method is called by Member.canDeleteOther(Class, Workspace)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

clazz - the class to check

ws - the Workspace to check

Returns:

true it the given member can delete instances of the given class

canBeReadBy

boolean canBeReadBy(boolean isAuthorized,
                    Category cat,
                    Member mbr,
                    boolean searchInGroups,
                    boolean checkAncestors)

Called by Category.canBeReadBy(Member, boolean, boolean). It checks if a member can read the given category.

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

cat - the category to check

mbr - the member to check

searchInGroups - if true check if one of the group this member belongs to is authorized to read this category.

checkAncestors - if true checks the read rights of the ancestors of this category.

Returns:

true if the member can read this category

Since:

jcms-4.1

canBeReadBy

boolean canBeReadBy(boolean isAuthorized,
                    Category cat,
                    Group grp,
                    boolean checkAncestors)

Called by Category.canBeReadBy(Group, boolean). It checks if a group can read this category.

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

cat - the category to check

grp - the group to check

checkAncestors - if true checks the read rights of the ancestors of this category.

Returns:

true if the group can read this category

Since:

jcms-4.1

canUseCategory

boolean canUseCategory(boolean isAuthorized,
                       Member mbr,
                       Category cat,
                       boolean searchInGroups,
                       boolean searchInParent)

Called by Member.canUseCategory(Category, boolean, boolean). It check if a category can be used by given Member. Note In current implementation:

• Always true for admin
• Not called if can not read category

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

cat - the category to check

searchInGroups - if true check if one of the group this

searchInParent - if true check in parent category

Returns:

true if the member can use (check) this category

Since:

jcms-5.7.1

canManageCategory

boolean canManageCategory(boolean isAuthorized,
                          Member mbr,
                          Category cat,
                          boolean searchInGroups,
                          boolean searchInParent)

Called by Member.canManageCategory(Category, boolean, boolean). It check if a category can be managed by given Member

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

cat - the category to check

searchInGroups - if true check if one of the group this

searchInParent - if true check in parent category

Returns:

true if the member can manage (edit/update) this category branch

Since:

jcms-5.7.1

canCreateWorkspace

boolean canCreateWorkspace(boolean isAuthorized,
                           Member mbr,
                           Workspace model)

Check if this member can create workspace : - ex nihilo if model is null; - by copiing model if model is not null. This method is called by Member.canCreateWorkspace(Workspace)

Parameters:

isAuthorized - true if internal JCMS control authorized the member to perform this action

mbr - the member to check

model - the workspace to duplicate or null if the workspace has to be created ex nihilo

Returns:

true if a workspace can be created by member false otherwise.

Since:

jcms-5.7.3

checkBeforeUpload

boolean checkBeforeUpload(String fieldName,
                          String contentType,
                          String fileName)

Checks if the uploaded file must be accepted or rejected. This method is called by sub classes of MultiPartFilter AFTER InitFilter BUT BEFORE doInitPage.jsp. The file has not been uploaded. The JcmsContext returned by Channel.getCurrentJcmsContext() is not completly initialized.

Parameters:

fieldName - the name of the field for the given file

contentType - the content type of the file

fileName - the name of the file

Returns:

true if the file is accepted

Since:

jcms-5.7.0

checkAfterUpload

boolean checkAfterUpload(DocUploadInfo info)

Checks if the uploaded file must be accepted or rejected. This method is called by DocUploadInfo.doUpload() called by DocUploadHandler and EditDataHandler for MultiPartRequest BEFORE JavaBean validation. The method Channel.getCurrentJcmsContext() must be called to get more information about Member and Workspace.A DataController must be used to check Document during validation.

Parameters:

info - information about the uploaded file

Returns:

true if the file is accepted

Since:

jcms-5.7.0

checkHtml

ControllerStatus checkHtml(String str,
                           String field)

This method is called to check if the given string does not contain forbidden HTML code

Parameters:

str - the String to be checked

field - the name of the field which is checked

Returns:

a ControllerStatus

Since:

jcms-5.0.0

See Also:

JcmsUtil.checkHtml(String,String)

getOrder

int getOrder()

Returns object orders value.

Returns:

int object orders value.