Class DefaultCMSPermissionChecker

java.lang.Object
de.hybris.platform.cmsfacades.types.service.impl.DefaultCMSPermissionChecker
All Implemented Interfaces:
CMSPermissionChecker

public class DefaultCMSPermissionChecker extends Object implements CMSPermissionChecker
Default implementation of CMSPermissionChecker
  • Constructor Details

    • DefaultCMSPermissionChecker

      public DefaultCMSPermissionChecker()
  • Method Details

    • isAttributeTypeBlacklisted

      protected boolean isAttributeTypeBlacklisted(TypeModel attributeType)
      Method that returns true if the attribute type is not applicable for permission checking. Currently type MediaModel is not applicable for type permission checking.
    • hasPermissionForContainedType

      public boolean hasPermissionForContainedType(AttributeDescriptorModel attribute, String permissionName)
      Type permission checking to see if the current principal has permissions to perform the specified operation (e.g. read, change, create or remove) on the type of an attribute or not.
      • When the attribute is of type ComposedTypeModel, this method verifies that the type specified in the ComposedTypeModel is manageable by the current user.
      • When the attribute is of type AtomicTypeModel, no additional type checking needs to be done. This will always return TRUE.

      Possible scenarios are listed in the table below:

      Sample Attribute Attribute Expected Result
      String name Atomic type always TRUE
      Media media Composed type TRUE when user has permission for Media type
      List<MediaModel> media Collection of Composed type TRUE when user has permission for Media type
      Map<String, MediaModel> media Localized Composed type TRUE when user has permission for Media type
      Map<String, List<MediaModel>> media Localized Collection of Composed type TRUE when user has permission for Media type
      Specified by:
      hasPermissionForContainedType in interface CMSPermissionChecker
      permissionName - - The name of the permission to be checked; valid values defined in PermissionsConstants
      Returns:
      true if the current principal has been granted change permission on the type contained in the non-primitive attribute or the attribute is of type AtomicTypeModel; false otherwise.
      Throws:
      TypePermissionException - when principal cannot READ the type contained in a required attribute.
    • hasPermission

      protected boolean hasPermission(AttributeDescriptorModel attribute, String permissionName, TypeModel attributeType)
      Verifies if the current principal has permissions to perform the specified operation (e.g. read, change, create or remove) on an attribute or not.
      Parameters:
      attribute - - The descriptor that specifies the attribute whose permission to check.
      permissionName - - The name of the permission to be checked; valid values defined in PermissionsConstants
      attributeType - - The TypeModel of the attribute
      Returns:
      TRUE when the user has permission to perform the specified operation on the attribute; FALSE otherwise.
    • hasReadPermission

      protected boolean hasReadPermission(AttributeDescriptorModel attribute, TypeModel attributeType)
      Verifies if the current principal has read permission on an attribute or not.
      Parameters:
      attribute - - The descriptor that specifies the attribute whose permission to check.
      attributeType - - The TypeModel of the attribute
      Returns:
      TRUE when the user has read permission on the attribute; FALSE otherwise.
    • getPermissionCRUDService

      protected PermissionCRUDService getPermissionCRUDService()
    • setPermissionCRUDService

      public void setPermissionCRUDService(PermissionCRUDService permissionCRUDService)
    • getCmsAttributeTypeService

      protected CMSAttributeTypeService getCmsAttributeTypeService()
    • setCmsAttributeTypeService

      public void setCmsAttributeTypeService(CMSAttributeTypeService typeService)