de.deepamehta.core.service.accesscontrol

Interface AccessControl

Show UML class diagram

All Known Implementing Classes:

AccessControlImpl

public interface AccessControl

Method Summary

Methods

Modifier and Type	Method and Description
void	assignToWorkspace(DeepaMehtaObject object, long workspaceId) Performs the initial workspace assignment for an object.
Topic	checkCredentials(Credentials cred) Checks if the given credentials are valid.
boolean	emailAddressExists(String emailAddress) Returns true if an "Email Address" (dm4.contacts.email_address) topic with the given value exists, false otherwise.
RelatedTopic	getConfigTopic(String configTypeUri, long topicId) Returns the configuration topic of the given type for the given topic.
long	getDeepaMehtaWorkspaceId() Returns the ID of the "DeepaMehta" workspace.
Topic	getPrivateWorkspace(String username) Returns the private workspace of the given user.
long	getSystemWorkspaceId() Returns the ID of the "System" workspace.
String	getUsername(javax.servlet.http.HttpServletRequest request) Returns the username that is associated with a request.
Topic	getUsernameTopic(javax.servlet.http.HttpServletRequest request) Convenience method that returns the Username topic that corresponds to a request.
Topic	getUsernameTopic(String username) Returns the Username topic that corresponds to a username.
Topic	getWorkspace(String uri) Returns a workspace by URI.
boolean	hasPermission(String username, Operation operation, long objectId) Checks if a user is permitted to perform an operation on an object (topic or association).
boolean	isMember(String username, long workspaceId) Checks if a user is a member of a given workspace.
<V> V	runWithoutWorkspaceAssignment(Callable<V> callable) Runs a code block while suppressing the standard workspace assignment for all topics/associations created within that code block.
String	username(javax.servlet.http.HttpSession session)
boolean	workspaceAssignmentIsSuppressed() Returns true if standard workspace assignment is currently suppressed for the current thread.

Method Detail

checkCredentials

Topic checkCredentials(Credentials cred)

Checks if the given credentials are valid.

Returns:

the corresponding Username topic if the credentials are valid, or null otherwise.

hasPermission

boolean hasPermission(String username,
                    Operation operation,
                    long objectId)

Checks if a user is permitted to perform an operation on an object (topic or association).

Parameters:

username - the logged in user, or null if no user is logged in.

objectId - a topic ID, or an association ID.

Returns:

true if permission is granted, false otherwise.

getWorkspace

Topic getWorkspace(String uri)

Returns a workspace by URI.

Returns:

The workspace (a topic of type "Workspace").

Throws:

RuntimeException - If no workspace exists for the given URI.

getDeepaMehtaWorkspaceId

long getDeepaMehtaWorkspaceId()

Returns the ID of the "DeepaMehta" workspace.

getSystemWorkspaceId

long getSystemWorkspaceId()

Returns the ID of the "System" workspace.

isMember

boolean isMember(String username,
               long workspaceId)

Checks if a user is a member of a given workspace.

Parameters:

username - the logged in user, or null if no user is logged in.

assignToWorkspace

void assignToWorkspace(DeepaMehtaObject object,
                     long workspaceId)

Performs the initial workspace assignment for an object.

Use this method only for objects which have no workspace assignment already, that is e.g. objects created in a migration or objects created while workspace assignment is deliberately suppressed.

runWithoutWorkspaceAssignment

<V> V runWithoutWorkspaceAssignment(Callable<V> callable)
                                throws Exception

Runs a code block while suppressing the standard workspace assignment for all topics/associations created within that code block.

Throws:

Exception

workspaceAssignmentIsSuppressed

boolean workspaceAssignmentIsSuppressed()

Returns true if standard workspace assignment is currently suppressed for the current thread.

getUsernameTopic

Topic getUsernameTopic(String username)

Returns the Username topic that corresponds to a username.

Returns:

the Username topic, or null if no such Username topic exists.

getUsernameTopic

Topic getUsernameTopic(javax.servlet.http.HttpServletRequest request)

Convenience method that returns the Username topic that corresponds to a request. Basically it calls getUsernameTopic(getUsername(request)).

Returns:

the Username topic, or null if no user is associated with the request.

getUsername

String getUsername(javax.servlet.http.HttpServletRequest request)

Returns the username that is associated with a request.

Returns:

the username, or null if no user is associated with the request.

username

String username(javax.servlet.http.HttpSession session)

getPrivateWorkspace

Topic getPrivateWorkspace(String username)

Returns the private workspace of the given user.

Note: a user can have more than one private workspace. The workspace returned by this method is the one that holds the user's password topic.

This is a privileged method, it bypasses the access control system.

getConfigTopic

RelatedTopic getConfigTopic(String configTypeUri,
                          long topicId)

Returns the configuration topic of the given type for the given topic.

This is a privileged method, it bypasses the access control system.

Throws:

RuntimeException - if no such configuration topic exists.

emailAddressExists

boolean emailAddressExists(String emailAddress)

Returns true if an "Email Address" (dm4.contacts.email_address) topic with the given value exists, false otherwise.

This is a privileged method, it bypasses the access control system.