Package de.hybris.platform.hmc.jalo

Class AccessManager

  • public class AccessManager
extends java.lang.Object
    This class acts as a translator for the Platform AccessManager . TODO: This class is only for legacy reasons here. The callers should rather use the AccesssManager from jalo.security package directly. Before removing this class we have to make sure that everything can be covered by the AccessManager from jalo.
    Since:
    2.20

    • Method Detail

      • resetUserRights

        public static final void resetUserRights()

      • getInstance

        public static final AccessManager getInstance()
        Returns an instance of AccessManager. It is ensured that there will always be only one instance per jalosession if you use this method.

      • getTypeUserRights

        public java.util.List<UserRight> getTypeUserRights()
        Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS...

      • getDescriptorUserRights

        public java.util.List<UserRight> getDescriptorUserRights()
        Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS...

      • getRightIndex

        public int getRightIndex​(java.lang.String userRight)
        For the given userright key this method returns the index of the appropriate UserRight within the userright list.
        Parameters:
        userRight - the user right key which must be one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS

      • hasRight

        public boolean hasRight​(AttributeDescriptor descriptor,
                        java.lang.String userRightKey)
        Checks if the current Principal has the given right on the given AttributeDescriptor.
        Parameters:
        descriptor - the AttributeDescriptor which is checked
        userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
        Returns:
        true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)

      • hasRight

        public boolean hasRight​(Principal principal,
                        AttributeDescriptor descriptor,
                        java.lang.String userRightKey)
        Checks if the given Principal has the given right on the given AttributeDescriptor.
        Parameters:
        principal - the Principal for which the permission is checked
        descriptor - the AttributeDescriptor which is checked
        userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
        Returns:
        true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)

      • hasRight

        public boolean hasRight​(ComposedType type,
                        java.lang.String userRightKey)
        Checks if the current Principal has the given right on the given ComposedType.
        Parameters:
        type - the ComposedType which is checked
        userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
        Returns:
        true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)

      • hasRight

        public boolean hasRight​(Principal principal,
                        ComposedType type,
                        java.lang.String userRightKey)
        Checks if the given Principal has the given right on the given ComposedType.
        Parameters:
        principal - the Principal for which the permission is checked
        type - the ComposedType which is checked
        userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
        Returns:
        true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)

      • isAdmin

        public boolean isAdmin()
        Returns true if the current jalosession user is in the admin group.

      • isAdmin

        public boolean isAdmin​(Principal principal)
        Returns true if the given principal is in the admin group.

      • canChangeInstance

        public boolean canChangeInstance​(Item item)
        Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.
        Parameters:
        item - Item
        Returns:
        true or false

      • canChange

        public boolean canChange​(ComposedType type)
        Returns:
        true if the current user is allowed to change items of the given type

      • canChange

        public boolean canChange​(AttributeDescriptor descriptor)
        Returns:
        true if the current user is allowed to change the contents of the given attributedescriptor

      • canRead

        public boolean canRead​(ComposedType type)
        Returns:
        true if the current user is allowed to read items of the given type

      • canRead

        public boolean canRead​(AttributeDescriptor descriptor)
        Returns:
        true if the current user is allowed to read the contents of the given attributedescriptor

      • canRemoveInstance

        public boolean canRemoveInstance​(Item item)
        Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
        Parameters:
        item - Item
        Returns:
        true or false

      • canRemoveInstance

        public boolean canRemoveInstance​(Item item,
                                 AttributeDescriptor att)
        Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
        Parameters:
        item - the item
        att - the attribute descriptor
        Returns:
        true if the current user is allowed

      • canRemove

        public boolean canRemove​(ComposedType type)
        Returns:
        true if the current user is allowed to remove items of the given type

      • canChangePermissions

        public boolean canChangePermissions​(ComposedType type)
        Returns:
        true if the current user is allowed to change permissions on the given type

      • canChangePermissions

        public boolean canChangePermissions​(AttributeDescriptor descriptor)
        Returns:
        true if the current user is allowed to change permissions of the given attributedescriptor

      • canCreateInstance

        public boolean canCreateInstance​(Item item)
        Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.
        Parameters:
        item - Item
        Returns:
        true or false

      • canCreate

        public boolean canCreate​(ComposedType type)
        Returns:
        true if the current user is allowed to create an item of the given type

      • getPermissionMap

        public java.util.Map getPermissionMap​(ComposedType type)
        Returns the permission map for the given ComposedType. (see Item.getPermissionMap() ) and all 5 userrights which the hmc uses on ComposedTypes.

      • getPermissionMap

        public java.util.Map getPermissionMap​(AttributeDescriptor attributeDescriptor)
        Returns the permission map for the given AttributeDescriptor (see Item.getPermissionMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.

      • filterInvalidPrincipals

        public static void filterInvalidPrincipals​(java.util.Set principals)
        Filters invalid principals in the given set. I.e. all objects in the set are checked and if they are null, not an instance of Principal or no longer alive, they are removed from the set.
        Parameters:
        principals - the set which is to be checked
        Since:
        1.31

      • setPermissionMap

        public void setPermissionMap​(ComposedType type,
                             java.util.Map permissionMap)
        Sets the permission map for the given ComposedType (see Item.setPermissionsByMap() ) and all 5 userrights which the hmc uses on ComposedTypes.

      • setPermissionMap

        public void setPermissionMap​(AttributeDescriptor attributeDescriptor,
                             java.util.Map permissionMap)
        Sets the permission map for the given AttributeDescriptor (see Item.setPermissionsByMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.

      • getPermissionMap

        public java.util.Map getPermissionMap​(Principal principal)
        Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors.

      • setPermissionMap

        public void setPermissionMap​(Principal principal,
                             java.util.Map permissionMap)
        Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items.

      • subTypesVisible

        public boolean subTypesVisible​(ComposedType type)
        Returns true if the given type or at least one of its subtypes is visible and non-abstract.
        Returns:
        true if the given type or at least one of its subtypes is visible and non-abstract.
        Since:
        2.30 beta

      • checkLicence

        public java.util.ArrayList checkLicence()
        This Method returns a list with LicenceInfo objects. The size of this list is equal to how many licence terms exists.
        Since:
        2.30 beta
        See Also:
        AccessManager.checkLicence()