de.hybris.platform.hmc.jalo

Class AccessManager

java.lang.Object

de.hybris.platform.hmc.jalo.AccessManager

public class AccessManager
extends Object

This class acts as a translator for the Platform AccessManager . TODO: This class is only for legacy reasons here. The callers should rather use the AccesssManager from jalo.security package directly. Before removing this class we have to make sure that everything can be covered by the AccessManager from jalo.

Since:

2.20

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AccessManager.PrincipalComparator This comparator is used to alphabetically sort a list of principals.

Field Summary

Fields

Modifier and Type	Field and Description
static String	CHANGE
static String	CHANGE_PERMISSIONS
static String	CREATE
static String	DENY
static String	GRANT
static String	NONE
static String	READ
static String	REMOVE
static SingletonCreator.Creator<AccessManager>	SINGLETON_CREATOR
static String	SUPER_DENY
static String	SUPER_GRANT

Method Summary

Modifier and Type	Method and Description
boolean	canChange(AttributeDescriptor descriptor)
boolean	canChange(ComposedType type)
boolean	canChangeInstance(Item item) Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.
boolean	canChangeInstance(Item item, AttributeDescriptor att)
boolean	canChangePermissions(AttributeDescriptor descriptor)
boolean	canChangePermissions(ComposedType type)
boolean	canCreate(ComposedType type)
boolean	canCreateInstance(Item item) Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.
boolean	canCreateInstance(Item item, AttributeDescriptor att)
boolean	canRead(AttributeDescriptor descriptor)
boolean	canRead(ComposedType type)
boolean	canRemove(ComposedType type)
boolean	canRemoveInstance(Item item) Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
boolean	canRemoveInstance(Item item, AttributeDescriptor att) Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
ArrayList	checkLicence() This Method returns a list with LicenceInfo objects.
static void	filterInvalidPrincipals(Set principals) Filters invalid principals in the given set.
List<UserRight>	getDescriptorUserRights() Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS...
static AccessManager	getInstance() Returns an instance of AccessManager.
Map	getPermissionMap(AttributeDescriptor attributeDescriptor) Returns the permission map for the given AttributeDescriptor (see Item.getPermissionMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.
Map	getPermissionMap(ComposedType type) Returns the permission map for the given ComposedType.
Map	getPermissionMap(Principal principal) Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors.
Set<Language>	getRestrictedLanguages(Item item)
int	getRightIndex(String userRight) For the given userright key this method returns the index of the appropriate UserRight within the userright list.
List<UserRight>	getTypeUserRights() Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS...
boolean	hasRight(AttributeDescriptor descriptor, String userRightKey) Checks if the current Principal has the given right on the given AttributeDescriptor.
boolean	hasRight(ComposedType type, String userRightKey) Checks if the current Principal has the given right on the given ComposedType.
boolean	hasRight(Principal principal, AttributeDescriptor descriptor, String userRightKey) Checks if the given Principal has the given right on the given AttributeDescriptor.
boolean	hasRight(Principal principal, ComposedType type, String userRightKey) Checks if the given Principal has the given right on the given ComposedType.
boolean	isAdmin() Returns true if the current jalosession user is in the admin group.
boolean	isAdmin(Principal principal) Returns true if the given principal is in the admin group.
static void	resetUserRights()
void	setPermissionMap(AttributeDescriptor attributeDescriptor, Map permissionMap) Sets the permission map for the given AttributeDescriptor (see Item.setPermissionsByMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.
void	setPermissionMap(ComposedType type, Map permissionMap) Sets the permission map for the given ComposedType (see Item.setPermissionsByMap() ) and all 5 userrights which the hmc uses on ComposedTypes.
void	setPermissionMap(Principal principal, Map permissionMap) Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items.
boolean	subTypesVisible(ComposedType type) Returns true if the given type or at least one of its subtypes is visible and non-abstract.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

READ

public static final String READ

See Also:

Constant Field Values

CHANGE

public static final String CHANGE

See Also:

Constant Field Values

CHANGE_PERMISSIONS

public static final String CHANGE_PERMISSIONS

See Also:

Constant Field Values

CREATE

public static final String CREATE

See Also:

Constant Field Values

REMOVE

public static final String REMOVE

See Also:

Constant Field Values

GRANT

public static final String GRANT

See Also:

Constant Field Values

SUPER_GRANT

public static final String SUPER_GRANT

See Also:

Constant Field Values

DENY

public static final String DENY

See Also:

Constant Field Values

SUPER_DENY

public static final String SUPER_DENY

See Also:

Constant Field Values

NONE

public static final String NONE

See Also:

Constant Field Values

SINGLETON_CREATOR

public static final SingletonCreator.Creator<AccessManager> SINGLETON_CREATOR

Method Detail

resetUserRights

public static final void resetUserRights()

getInstance

public static final AccessManager getInstance()

Returns an instance of AccessManager. It is ensured that there will always be only one instance per jalosession if you use this method.

getTypeUserRights

public List<UserRight> getTypeUserRights()

Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS...

getDescriptorUserRights

public List<UserRight> getDescriptorUserRights()

Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS...

getRightIndex

public int getRightIndex(String userRight)

For the given userright key this method returns the index of the appropriate UserRight within the userright list.

Parameters:

userRight - the user right key which must be one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS

hasRight

public boolean hasRight(AttributeDescriptor descriptor,
                        String userRightKey)

Checks if the current Principal has the given right on the given AttributeDescriptor.

Parameters:

descriptor - the AttributeDescriptor which is checked

userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)

Returns:

true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)

hasRight

public boolean hasRight(Principal principal,
                        AttributeDescriptor descriptor,
                        String userRightKey)

Checks if the given Principal has the given right on the given AttributeDescriptor.

Parameters:

principal - the Principal for which the permission is checked

descriptor - the AttributeDescriptor which is checked

userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)

Returns:

true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)

hasRight

public boolean hasRight(ComposedType type,
                        String userRightKey)

Checks if the current Principal has the given right on the given ComposedType.

Parameters:

type - the ComposedType which is checked

userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)

Returns:

true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)

hasRight

public boolean hasRight(Principal principal,
                        ComposedType type,
                        String userRightKey)

Checks if the given Principal has the given right on the given ComposedType.

Parameters:

principal - the Principal for which the permission is checked

type - the ComposedType which is checked

userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)

Returns:

true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)

isAdmin

public boolean isAdmin()

Returns true if the current jalosession user is in the admin group.

isAdmin

public boolean isAdmin(Principal principal)

Returns true if the given principal is in the admin group.

canChangeInstance

public boolean canChangeInstance(Item item)

Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.

Parameters:

item - Item

Returns:

true or false

canChangeInstance

public boolean canChangeInstance(Item item,
                                 AttributeDescriptor att)

canChange

public boolean canChange(ComposedType type)

Returns:

true if the current user is allowed to change items of the given type

canChange

public boolean canChange(AttributeDescriptor descriptor)

Returns:

true if the current user is allowed to change the contents of the given attributedescriptor

canRead

public boolean canRead(ComposedType type)

Returns:

true if the current user is allowed to read items of the given type

canRead

public boolean canRead(AttributeDescriptor descriptor)

Returns:

true if the current user is allowed to read the contents of the given attributedescriptor

canRemoveInstance

public boolean canRemoveInstance(Item item)

Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.

Parameters:

item - Item

Returns:

true or false

canRemoveInstance

public boolean canRemoveInstance(Item item,
                                 AttributeDescriptor att)

Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.

Parameters:

item - the item

att - the attribute descriptor

Returns:

true if the current user is allowed

canRemove

public boolean canRemove(ComposedType type)

Returns:

true if the current user is allowed to remove items of the given type

canChangePermissions

public boolean canChangePermissions(ComposedType type)

Returns:

true if the current user is allowed to change permissions on the given type

canChangePermissions

public boolean canChangePermissions(AttributeDescriptor descriptor)

Returns:

true if the current user is allowed to change permissions of the given attributedescriptor

canCreateInstance

public boolean canCreateInstance(Item item)

Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.

Parameters:

item - Item

Returns:

true or false

canCreateInstance

public boolean canCreateInstance(Item item,
                                 AttributeDescriptor att)

canCreate

public boolean canCreate(ComposedType type)

Returns:

true if the current user is allowed to create an item of the given type

getPermissionMap

public Map getPermissionMap(ComposedType type)

Returns the permission map for the given ComposedType. (see Item.getPermissionMap() ) and all 5 userrights which the hmc uses on ComposedTypes.

getPermissionMap

public Map getPermissionMap(AttributeDescriptor attributeDescriptor)

Returns the permission map for the given AttributeDescriptor (see Item.getPermissionMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.

filterInvalidPrincipals

public static void filterInvalidPrincipals(Set principals)

Filters invalid principals in the given set. I.e. all objects in the set are checked and if they are null, not an instance of Principal or no longer alive, they are removed from the set.

Parameters:

principals - the set which is to be checked

Since:

1.31

setPermissionMap

public void setPermissionMap(ComposedType type,
                             Map permissionMap)

Sets the permission map for the given ComposedType (see Item.setPermissionsByMap() ) and all 5 userrights which the hmc uses on ComposedTypes.

setPermissionMap

public void setPermissionMap(AttributeDescriptor attributeDescriptor,
                             Map permissionMap)

Sets the permission map for the given AttributeDescriptor (see Item.setPermissionsByMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.

getPermissionMap

public Map getPermissionMap(Principal principal)

Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors.

setPermissionMap

public void setPermissionMap(Principal principal,
                             Map permissionMap)

Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items.

subTypesVisible

public boolean subTypesVisible(ComposedType type)

Returns true if the given type or at least one of its subtypes is visible and non-abstract.

Returns:

true if the given type or at least one of its subtypes is visible and non-abstract.

Since:

2.30 beta

checkLicence

public ArrayList checkLicence()

This Method returns a list with LicenceInfo objects. The size of this list is equal to how many licence terms exists.

Since:

2.30 beta

See Also:

AccessManager.checkLicence()

getRestrictedLanguages

public Set<Language> getRestrictedLanguages(Item item)

See Also:

AccessManager.getRestrictedLanguages(Item)