Class AccessManager

java.lang.Object
de.hybris.platform.hmc.jalo.AccessManager

public class AccessManager extends Object
This class acts as a translator for the Platform AccessManager . TODO: This class is only for legacy reasons here. The callers should rather use the AccesssManager from jalo.security package directly. Before removing this class we have to make sure that everything can be covered by the AccessManager from jalo.
Since:
2.20
  • Field Details

  • Method Details

    • resetUserRights

      public static final void resetUserRights()
    • getInstance

      public static final AccessManager getInstance()
      Returns an instance of AccessManager. It is ensured that there will always be only one instance per jalosession if you use this method.
    • getTypeUserRights

      public List<UserRight> getTypeUserRights()
      Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS...
    • getDescriptorUserRights

      public List<UserRight> getDescriptorUserRights()
      Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS...
    • getRightIndex

      public int getRightIndex(String userRight)
      For the given userright key this method returns the index of the appropriate UserRight within the userright list.
      Parameters:
      userRight - the user right key which must be one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS
    • hasRight

      public boolean hasRight(AttributeDescriptor descriptor, String userRightKey)
      Checks if the current Principal has the given right on the given AttributeDescriptor.
      Parameters:
      descriptor - the AttributeDescriptor which is checked
      userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
      Returns:
      true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)
    • hasRight

      public boolean hasRight(Principal principal, AttributeDescriptor descriptor, String userRightKey)
      Checks if the given Principal has the given right on the given AttributeDescriptor.
      Parameters:
      principal - the Principal for which the permission is checked
      descriptor - the AttributeDescriptor which is checked
      userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
      Returns:
      true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)
    • hasRight

      public boolean hasRight(ComposedType type, String userRightKey)
      Checks if the current Principal has the given right on the given ComposedType.
      Parameters:
      type - the ComposedType which is checked
      userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
      Returns:
      true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)
    • hasRight

      public boolean hasRight(Principal principal, ComposedType type, String userRightKey)
      Checks if the given Principal has the given right on the given ComposedType.
      Parameters:
      principal - the Principal for which the permission is checked
      type - the ComposedType which is checked
      userRightKey - the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)
      Returns:
      true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)
    • isAdmin

      public boolean isAdmin()
      Returns true if the current jalosession user is in the admin group.
    • isAdmin

      public boolean isAdmin(Principal principal)
      Returns true if the given principal is in the admin group.
    • canChangeInstance

      public boolean canChangeInstance(Item item)
      Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.
      Parameters:
      item - Item
      Returns:
      true or false
    • canChangeInstance

      public boolean canChangeInstance(Item item, AttributeDescriptor att)
    • canChange

      public boolean canChange(ComposedType type)
      Returns:
      true if the current user is allowed to change items of the given type
    • canChange

      public boolean canChange(AttributeDescriptor descriptor)
      Returns:
      true if the current user is allowed to change the contents of the given attributedescriptor
    • canRead

      public boolean canRead(ComposedType type)
      Returns:
      true if the current user is allowed to read items of the given type
    • canRead

      public boolean canRead(AttributeDescriptor descriptor)
      Returns:
      true if the current user is allowed to read the contents of the given attributedescriptor
    • canRemoveInstance

      public boolean canRemoveInstance(Item item)
      Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
      Parameters:
      item - Item
      Returns:
      true or false
    • canRemoveInstance

      public boolean canRemoveInstance(Item item, AttributeDescriptor att)
      Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.
      Parameters:
      item - the item
      att - the attribute descriptor
      Returns:
      true if the current user is allowed
    • canRemove

      public boolean canRemove(ComposedType type)
      Returns:
      true if the current user is allowed to remove items of the given type
    • canChangePermissions

      public boolean canChangePermissions(ComposedType type)
      Returns:
      true if the current user is allowed to change permissions on the given type
    • canChangePermissions

      public boolean canChangePermissions(AttributeDescriptor descriptor)
      Returns:
      true if the current user is allowed to change permissions of the given attributedescriptor
    • canCreateInstance

      public boolean canCreateInstance(Item item)
      Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.
      Parameters:
      item - Item
      Returns:
      true or false
    • canCreateInstance

      public boolean canCreateInstance(Item item, AttributeDescriptor att)
    • canCreate

      public boolean canCreate(ComposedType type)
      Returns:
      true if the current user is allowed to create an item of the given type
    • getPermissionMap

      public Map getPermissionMap(ComposedType type)
      Returns the permission map for the given ComposedType. (see Item.getPermissionMap() ) and all 5 userrights which the hmc uses on ComposedTypes.
    • getPermissionMap

      public Map getPermissionMap(AttributeDescriptor attributeDescriptor)
      Returns the permission map for the given AttributeDescriptor (see Item.getPermissionMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.
    • filterInvalidPrincipals

      public static void filterInvalidPrincipals(Set principals)
      Filters invalid principals in the given set. I.e. all objects in the set are checked and if they are null, not an instance of Principal or no longer alive, they are removed from the set.
      Parameters:
      principals - the set which is to be checked
      Since:
      1.31
    • setPermissionMap

      public void setPermissionMap(ComposedType type, Map permissionMap)
      Sets the permission map for the given ComposedType (see Item.setPermissionsByMap() ) and all 5 userrights which the hmc uses on ComposedTypes.
    • setPermissionMap

      public void setPermissionMap(AttributeDescriptor attributeDescriptor, Map permissionMap)
      Sets the permission map for the given AttributeDescriptor (see Item.setPermissionsByMap() ) and all 3 userrights which the hmc uses on AttributeDescriptors.
    • getPermissionMap

      public Map getPermissionMap(Principal principal)
      Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors.
    • setPermissionMap

      public void setPermissionMap(Principal principal, Map permissionMap)
      Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items.
    • subTypesVisible

      public boolean subTypesVisible(ComposedType type)
      Returns true if the given type or at least one of its subtypes is visible and non-abstract.
      Returns:
      true if the given type or at least one of its subtypes is visible and non-abstract.
      Since:
      2.30 beta
    • checkLicence

      public ArrayList checkLicence()
      This Method returns a list with LicenceInfo objects. The size of this list is equal to how many licence terms exists.
      Since:
      2.30 beta
      See Also:
    • getRestrictedLanguages

      public Set<Language> getRestrictedLanguages(Item item)
      See Also: