Package de.hybris.platform.hmc.jalo
Class AccessManager
java.lang.Object
de.hybris.platform.hmc.jalo.AccessManager
This class acts as a translator for the
Platform AccessManager
. TODO: This class is only for legacy reasons here. The callers should rather use the AccesssManager from
jalo.security package directly. Before removing this class we have to make sure that everything can be covered by the
AccessManager from jalo.- Since:
- 2.20
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classThis comparator is used to alphabetically sort a list of principals. -
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionbooleancanChange(AttributeDescriptor descriptor) booleancanChange(ComposedType type) booleancanChangeInstance(Item item) Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.booleancanChangeInstance(Item item, AttributeDescriptor att) booleancanChangePermissions(AttributeDescriptor descriptor) booleanbooleancanCreate(ComposedType type) booleancanCreateInstance(Item item) Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.booleancanCreateInstance(Item item, AttributeDescriptor att) booleancanRead(AttributeDescriptor descriptor) booleancanRead(ComposedType type) booleancanRemove(ComposedType type) booleancanRemoveInstance(Item item) Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.booleancanRemoveInstance(Item item, AttributeDescriptor att) Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.This Method returns a list withLicenceInfoobjects.static voidfilterInvalidPrincipals(Set principals) Filters invalid principals in the given set.Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS...static final AccessManagerReturns an instance of AccessManager.getPermissionMap(Principal principal) Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors.getPermissionMap(AttributeDescriptor attributeDescriptor) Returns the permission map for the given AttributeDescriptor (seeItem.getPermissionMap()) and all 3 userrights which the hmc uses on AttributeDescriptors.getPermissionMap(ComposedType type) Returns the permission map for the given ComposedType.getRestrictedLanguages(Item item) intgetRightIndex(String userRight) For the given userright key this method returns the index of the appropriate UserRight within the userright list.Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS...booleanhasRight(Principal principal, AttributeDescriptor descriptor, String userRightKey) Checks if the given Principal has the given right on the given AttributeDescriptor.booleanhasRight(Principal principal, ComposedType type, String userRightKey) Checks if the given Principal has the given right on the given ComposedType.booleanhasRight(AttributeDescriptor descriptor, String userRightKey) Checks if the current Principal has the given right on the given AttributeDescriptor.booleanhasRight(ComposedType type, String userRightKey) Checks if the current Principal has the given right on the given ComposedType.booleanisAdmin()Returns true if the current jalosession user is in the admin group.booleanReturns true if the given principal is in the admin group.static final voidvoidsetPermissionMap(Principal principal, Map permissionMap) Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items.voidsetPermissionMap(AttributeDescriptor attributeDescriptor, Map permissionMap) Sets the permission map for the given AttributeDescriptor (seeItem.setPermissionsByMap()) and all 3 userrights which the hmc uses on AttributeDescriptors.voidsetPermissionMap(ComposedType type, Map permissionMap) Sets the permission map for the given ComposedType (seeItem.setPermissionsByMap()) and all 5 userrights which the hmc uses on ComposedTypes.booleansubTypesVisible(ComposedType type) Returns true if the given type or at least one of its subtypes is visible and non-abstract.
-
Field Details
-
READ
- See Also:
-
CHANGE
- See Also:
-
CHANGE_PERMISSIONS
- See Also:
-
CREATE
- See Also:
-
REMOVE
- See Also:
-
GRANT
- See Also:
-
SUPER_GRANT
- See Also:
-
DENY
- See Also:
-
SUPER_DENY
- See Also:
-
NONE
- See Also:
-
SINGLETON_CREATOR
-
-
Method Details
-
resetUserRights
public static final void resetUserRights() -
getInstance
Returns an instance of AccessManager. It is ensured that there will always be only one instance per jalosession if you use this method. -
getTypeUserRights
Returns a map containing the five UserRight objects for the keys READ, CHANGE, CREATE, REMOVE and CHANGE_PERMISSIONS... -
getDescriptorUserRights
Returns a map containing the three UserRight objects for the keys READ, CHANGE, and CHANGE_PERMISSIONS... -
getRightIndex
For the given userright key this method returns the index of the appropriate UserRight within the userright list.- Parameters:
userRight- the user right key which must be one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS
-
hasRight
Checks if the current Principal has the given right on the given AttributeDescriptor.- Parameters:
descriptor- the AttributeDescriptor which is checkeduserRightKey- the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)- Returns:
- true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)
-
hasRight
Checks if the given Principal has the given right on the given AttributeDescriptor.- Parameters:
principal- the Principal for which the permission is checkeddescriptor- the AttributeDescriptor which is checkeduserRightKey- the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)- Returns:
- true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the attributedescriptor nor the enclosing type or its supertype's attributedescriptor has any permission set)
-
hasRight
Checks if the current Principal has the given right on the given ComposedType.- Parameters:
type- the ComposedType which is checkeduserRightKey- the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)- Returns:
- true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)
-
hasRight
Checks if the given Principal has the given right on the given ComposedType.- Parameters:
principal- the Principal for which the permission is checkedtype- the ComposedType which is checkeduserRightKey- the key for the userright which should be checked (one of READ, CHANGE, CREATE, REMOVE or CHANGE_PERMISSIONS)- Returns:
- true if the permission is granted (either directly on the itemtype or on one of its supertypes), false if the permission is denied (either by an explicit denial or because neither the type nor one of its supertypes has any permission set)
-
isAdmin
public boolean isAdmin()Returns true if the current jalosession user is in the admin group. -
isAdmin
Returns true if the given principal is in the admin group. -
canChangeInstance
Returns true if the current user is allowed to change items of the given type and if all extensions which implements RightsProvider do allow this operation on this item.- Parameters:
item- Item- Returns:
- true or false
-
canChangeInstance
-
canChange
- Returns:
- true if the current user is allowed to change items of the given type
-
canChange
- Returns:
- true if the current user is allowed to change the contents of the given attributedescriptor
-
canRead
- Returns:
- true if the current user is allowed to read items of the given type
-
canRead
- Returns:
- true if the current user is allowed to read the contents of the given attributedescriptor
-
canRemoveInstance
Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.- Parameters:
item- Item- Returns:
- true or false
-
canRemoveInstance
Returns true if the current user is allowed to remove items of the given type and if all extensions implementing RightsProvider allow editing this item.- Parameters:
item- the itematt- the attribute descriptor- Returns:
- true if the current user is allowed
-
canRemove
- Returns:
- true if the current user is allowed to remove items of the given type
-
canChangePermissions
- Returns:
- true if the current user is allowed to change permissions on the given type
-
canChangePermissions
- Returns:
- true if the current user is allowed to change permissions of the given attributedescriptor
-
canCreateInstance
Returns true if the current user is allowed to create items of the given type and if all extensions implementing RightsProvider allow editing this item.- Parameters:
item- Item- Returns:
- true or false
-
canCreateInstance
-
canCreate
- Returns:
- true if the current user is allowed to create an item of the given type
-
getPermissionMap
Returns the permission map for the given ComposedType. (seeItem.getPermissionMap()) and all 5 userrights which the hmc uses on ComposedTypes. -
getPermissionMap
Returns the permission map for the given AttributeDescriptor (seeItem.getPermissionMap()) and all 3 userrights which the hmc uses on AttributeDescriptors. -
filterInvalidPrincipals
Filters invalid principals in the given set. I.e. all objects in the set are checked and if they are null, not an instance of Principal or no longer alive, they are removed from the set.- Parameters:
principals- the set which is to be checked- Since:
- 1.31
-
setPermissionMap
Sets the permission map for the given ComposedType (seeItem.setPermissionsByMap()) and all 5 userrights which the hmc uses on ComposedTypes. -
setPermissionMap
Sets the permission map for the given AttributeDescriptor (seeItem.setPermissionsByMap()) and all 3 userrights which the hmc uses on AttributeDescriptors. -
getPermissionMap
Returns the permission map for the given Principal and all 5 userrights which the hmc uses on AttributeDescriptors. -
setPermissionMap
Sets the permission map for the given Principal and all 5 userrights which the hmc uses on items. -
subTypesVisible
Returns true if the given type or at least one of its subtypes is visible and non-abstract.- Returns:
- true if the given type or at least one of its subtypes is visible and non-abstract.
- Since:
- 2.30 beta
-
checkLicence
This Method returns a list withLicenceInfoobjects. The size of this list is equal to how many licence terms exists.- Since:
- 2.30 beta
- See Also:
-
getRestrictedLanguages
-