Package com.jalios.jcms
Class RightPolicyManager
- java.lang.Object
-
- com.jalios.jcms.policy.AbstractPolicyManager<RightPolicyFilter>
-
- com.jalios.jcms.RightPolicyManager
-
public class RightPolicyManager extends AbstractPolicyManager<RightPolicyFilter>
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringMEMBER_READ_RIGHT_ENABLED_PROPERTY
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description booleancallCanBeReadBy(PublicationCriteria pubCriteria)booleancanBeReadBy(boolean isAuthorized, Category cat, Group grp, boolean checkAncestors)Deprecated.since JCMS-8579booleancanBeReadBy(boolean isAuthorized, Category cat, Member mbr, boolean searchInGroups, boolean checkAncestors)booleancanBeReadBy(boolean isAuthorized, Group grp, Member mbr)booleancanBeReadBy(boolean isAuthorized, Member mbrToRead, Member mbrReading, RightInfo rightInfo)Checks if a member can read the specified Member.booleancanBeReadBy(boolean isAuthorized, Publication pub, Group grp, RightInfo rightInfo)Deprecated.since JCMS-8577booleancanBeReadBy(boolean isAuthorized, Publication pub, Member mbr, boolean searchInGroups, RightInfo rightInfo)booleancanBeReadBy(boolean isAuthorized, Workspace ws, Member mbr)booleancanCreateContact(boolean isAuthorized, Member mbr)booleancanCreateWorkspace(boolean isAuthorized, Member mbr, Workspace model)booleancanDeleteOther(boolean isAuthorized, Member mbr, Data data, RightInfo rightInfo)booleancanDeleteOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws)Deprecated.booleancanDeleteOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws, java.util.Map<java.lang.String,?> contextMap)booleancanManageCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent)booleancanPublish(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, java.util.Set<? extends Workspace> wsSet)Deprecated.booleancanPublish(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, java.util.Set<? extends Workspace> wsSet, java.util.Map<java.lang.String,?> contextMap)booleancanUpdateOther(boolean isAuthorized, Member mbr, Data data, RightInfo rightInfo)booleancanUpdateOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws)Deprecated.booleancanUpdateOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws, java.util.Map<java.lang.String,?> contextMap)booleancanUseCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent)booleancanWorkOn(boolean isAuthorized, Publication pub, Member member, RightInfo rightInfo)ControllerStatuscanWorkOn(ControllerStatus status, int op, Member mbr, Member member)java.lang.BooleancheckAccess(Member member, java.lang.String resource, java.util.Map<java.lang.String,java.lang.Object> context)booleancheckAfterUpload(DocUploadInfo info)booleancheckBeforeUpload(java.lang.String fieldName, java.lang.String contentType, java.lang.String fileName)ControllerStatuscheckHtml(java.lang.String str, java.lang.String field)java.util.Map<java.lang.String,?>getCurrentContextMap()Retrieve the current context map instance if any.RightInfogetCurrentRightInfo()Retrieve the current RightInfo instance if any.static RightPolicyManagergetInstance()protected java.lang.StringgetStatusXmlTagName()java.util.Set<Workspace>getWorkspaceSet(java.util.Set<Workspace> workspaceSet, Member mbr)booleanisAdmin(boolean isAdmin, Member member, Workspace workspace)booleanisMemberReadRightEnabled()Check if member read right is enabled.booleanisWorker(boolean isWorker, Member member, Workspace ws)voidsetMemberReadRightEnabled(java.lang.Boolean isMemberReadRightEnabled)Set whether member read right is enabled or not.-
Methods inherited from class com.jalios.jcms.policy.AbstractPolicyManager
addPolicyFilter, getPolicyFilters, getPolicyFiltersMap, handleException, removePolicyFilter, replacePolicyFilter
-
-
-
-
Field Detail
-
MEMBER_READ_RIGHT_ENABLED_PROPERTY
public static final java.lang.String MEMBER_READ_RIGHT_ENABLED_PROPERTY
- See Also:
- Constant Field Values
-
-
Method Detail
-
getInstance
public static final RightPolicyManager getInstance()
-
getStatusXmlTagName
protected java.lang.String getStatusXmlTagName()
- Specified by:
getStatusXmlTagNamein classAbstractPolicyManager<RightPolicyFilter>
-
canUpdateOther
public boolean canUpdateOther(boolean isAuthorized, Member mbr, Data data, RightInfo rightInfo)- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canUpdateOther(boolean, Member, Data)
-
canDeleteOther
public boolean canDeleteOther(boolean isAuthorized, Member mbr, Data data, RightInfo rightInfo)- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canDeleteOther(boolean, Member, Data)
-
getCurrentRightInfo
public RightInfo getCurrentRightInfo()
Retrieve the current RightInfo instance if any.This method can be used by implementors of one of the following method to retrieve the current RightInfo instance previously computed by JPlatform core or another policy, and thus get/set access to more information on the authorization rational.
Warning: when an authorization was refused for some reason, it could also be refused for another one after.- Returns:
- the current RightInfo instance if any, may return null
- Since:
- jcms-10.0.6 / JCMS-8772
-
getCurrentContextMap
public java.util.Map<java.lang.String,?> getCurrentContextMap()
Retrieve the current context map instance if any.This method can be used by implementors of one of the following method to retrieve additional context information provided by caller of the corresponding methods in
Memberclass (*).RightPolicyFilter.canPublish(boolean, Member, Class, Set)RightPolicyFilter.canUpdateOther(boolean, Member, Class, Workspace)RightPolicyFilter.canDeleteOther(boolean, Member, Class, Workspace)
Member.canPublish(Class, Set, Map)Member.canPublish(Class, Workspace, Map)Member.canPublishSome(Class, Workspace, Map)Member.canUpdateOther(Class, Workspace, Map)Member.canDeleteOther(Class, Workspace, Map)
RightPolicyFilter.CTXT_CATEGORIES:Map<String,?> contextMap = Util.getHashMap(RightPolicyFilter.CTXT_CATEGORIES, Util.getHashSet(getCurrentCategory())); if (loggedMember.canPublish(someClass, someWorkspace, contextMap)) { //... }a RightPolicyFilter may access them to check rights :Map<String,?> contextMap = RightPolicyManager.getInstance().getCurrentContextMap(); Set<Category> categorySet = (contextMap != null) ? (Set<Category>) contextMap.get(RightPolicyFilter.CTXT_CATEGORIES) : null;
- Returns:
- the current context map if any, may return null
- Since:
- jcms-10.0.6 / JCMS-8882
-
callCanBeReadBy
public boolean callCanBeReadBy(PublicationCriteria pubCriteria)
- Since:
- jcms-7.0.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Publication, Member, boolean)
-
canBeReadBy
public boolean canBeReadBy(boolean isAuthorized, Publication pub, Member mbr, boolean searchInGroups, RightInfo rightInfo)- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Publication, Member, boolean)
-
canBeReadBy
@Deprecated public boolean canBeReadBy(boolean isAuthorized, Publication pub, Group grp, RightInfo rightInfo)Deprecated.since JCMS-8577- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Publication, Group)
-
canWorkOn
public boolean canWorkOn(boolean isAuthorized, Publication pub, Member member, RightInfo rightInfo)- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canWorkOn(boolean, Publication, Member)
-
canWorkOn
public ControllerStatus canWorkOn(ControllerStatus status, int op, Member mbr, Member member)
- Since:
- jcms-6.1.0
- See Also:
RightPolicyFilter.canWorkOn(ControllerStatus, int, Member, Member)
-
isWorker
public boolean isWorker(boolean isWorker, Member member, Workspace ws)- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.isWorker(boolean, Member, Workspace)
-
canPublish
public boolean canPublish(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, java.util.Set<? extends Workspace> wsSet, java.util.Map<java.lang.String,?> contextMap)- Since:
- jcms-10.0.6 / JCMS-8882
- See Also:
RightPolicyFilter.canPublish(boolean, Member, Class, Set)
-
canPublish
@Deprecated public boolean canPublish(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, java.util.Set<? extends Workspace> wsSet)Deprecated.- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canPublish(boolean, Member, Class, Set)
-
canUpdateOther
public boolean canUpdateOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws, java.util.Map<java.lang.String,?> contextMap)- Since:
- jcms-10.0.6 / JCMS-8882
- See Also:
RightPolicyFilter.canUpdateOther(boolean, Member, Class, Workspace)
-
canUpdateOther
@Deprecated public boolean canUpdateOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws)Deprecated.- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canUpdateOther(boolean, Member, Class, Workspace)
-
canDeleteOther
public boolean canDeleteOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws, java.util.Map<java.lang.String,?> contextMap)- Since:
- jcms-6.0.0 / JCMS-8882
- See Also:
RightPolicyFilter.canDeleteOther(boolean, Member, Class, Workspace)
-
canDeleteOther
@Deprecated public boolean canDeleteOther(boolean isAuthorized, Member mbr, java.lang.Class<? extends Publication> clazz, Workspace ws)Deprecated.- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canDeleteOther(boolean, Member, Class, Workspace)
-
canBeReadBy
public boolean canBeReadBy(boolean isAuthorized, Category cat, Member mbr, boolean searchInGroups, boolean checkAncestors)- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Category, Member, boolean, boolean)
-
canBeReadBy
@Deprecated public boolean canBeReadBy(boolean isAuthorized, Category cat, Group grp, boolean checkAncestors)Deprecated.since JCMS-8579- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Category, Group, boolean)
-
canUseCategory
public boolean canUseCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent)- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canUseCategory(boolean, Member, Category, boolean, boolean)
-
canManageCategory
public boolean canManageCategory(boolean isAuthorized, Member mbr, Category cat, boolean searchInGroups, boolean searchInParent)- Since:
- jcms-5.7.1
- See Also:
RightPolicyFilter.canManageCategory(boolean, Member, Category, boolean, boolean)
-
canCreateWorkspace
public boolean canCreateWorkspace(boolean isAuthorized, Member mbr, Workspace model)- Since:
- jcms-5.7.3
- See Also:
RightPolicyFilter.canCreateWorkspace(boolean, Member, Workspace)
-
getWorkspaceSet
public java.util.Set<Workspace> getWorkspaceSet(java.util.Set<Workspace> workspaceSet, Member mbr)
- Since:
- jcms-7.0.2
- See Also:
RightPolicyFilter.getWorkspaceSet(Set, Member)
-
isAdmin
public boolean isAdmin(boolean isAdmin, Member member, Workspace workspace)- Since:
- jcms-7.1 jcms-7.0.4
- See Also:
RightPolicyFilter.isAdmin(boolean, Member, Workspace)
-
canCreateContact
public boolean canCreateContact(boolean isAuthorized, Member mbr)- Since:
- jcms-8.0.0
- See Also:
RightPolicyFilter.canCreateContact(boolean, Member)
-
canBeReadBy
public boolean canBeReadBy(boolean isAuthorized, Group grp, Member mbr)- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Group, Member)
-
canBeReadBy
public boolean canBeReadBy(boolean isAuthorized, Workspace ws, Member mbr)- Since:
- jcms-10.0.4 / JCMS-8011
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Workspace, Member)
-
isMemberReadRightEnabled
public boolean isMemberReadRightEnabled()
Check if member read right is enabled.- when disabled, the legacy behavior is applied; all member are allowed to see each other.
- when enabled,
Data.canBeReadBy(Member)performs a first level of control to always authorize admin and user themself, then the right policy is invoked withcanBeReadBy(boolean, Member, Member, RightInfo).
It can be configured with the following property (requires a restart) :
member.read-right.enabled: true|false- Returns:
- true if read rights on member are enabled, false otherwise
- Since:
- jcms-10.0.1 / JCMS-4784
- See Also:
canBeReadBy(boolean, Member, Member, RightInfo)
-
setMemberReadRightEnabled
public void setMemberReadRightEnabled(java.lang.Boolean isMemberReadRightEnabled)
Set whether member read right is enabled or not.- Parameters:
isMemberReadRightEnabled- true to enable, false otherwise- See Also:
isMemberReadRightEnabled()
-
canBeReadBy
public boolean canBeReadBy(boolean isAuthorized, Member mbrToRead, Member mbrReading, RightInfo rightInfo)Checks if a member can read the specified Member.Invoked by internal implementation of
Data.canBeReadBy(Member).- Parameters:
isAuthorized- true if internal JCMS control authorized the member to perform this actionmbrToRead- the Member that would be readmbrReading- the Member performing the read operationrightInfo- an optional RightInfo in which the RightPolicyFilter changing the default behavior will be indicated- Returns:
- true if the member can read the Member, false otherwise
- Since:
- jcms-10.0.1 / JCMS-4784
- See Also:
RightPolicyFilter.canBeReadBy(boolean, Member, Member)
-
checkBeforeUpload
public boolean checkBeforeUpload(java.lang.String fieldName, java.lang.String contentType, java.lang.String fileName)- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.checkBeforeUpload(String, String, String)
-
checkAfterUpload
public boolean checkAfterUpload(DocUploadInfo info)
- Since:
- jcms-5.7.0
- See Also:
RightPolicyFilter.checkAfterUpload(DocUploadInfo)
-
checkHtml
public ControllerStatus checkHtml(java.lang.String str, java.lang.String field)
-
checkAccess
public java.lang.Boolean checkAccess(Member member, java.lang.String resource, java.util.Map<java.lang.String,java.lang.Object> context)
- Since:
- jcms-7.0.0
- See Also:
RightPolicyFilter.checkAccess(Member, String, Map)
-
-