public interface AccessControl
Modifier and Type | Method and Description |
---|---|
void |
assignToWorkspace(DeepaMehtaObject object,
long workspaceId)
Performs the initial workspace assignment for an object.
|
Topic |
checkCredentials(Credentials cred)
Checks if the given credentials are valid.
|
boolean |
emailAddressExists(String emailAddress)
Returns true if an "Email Address" (dm4.contacts.email_address) topic with the given value exists,
false otherwise.
|
long |
getAdministrationWorkspaceId()
Returns the ID of the "Administration" workspace.
|
long |
getAssignedWorkspaceId(long objectId)
Returns the ID of the workspace a topic or association is assigned to.
|
RelatedTopic |
getConfigTopic(String configTypeUri,
long topicId)
Returns the configuration topic of the given type for the given topic.
|
String |
getCreator(long objectId)
Returns the creator of a topic or an association.
|
long |
getDeepaMehtaWorkspaceId()
Returns the ID of the "DeepaMehta" workspace.
|
Topic |
getPrivateWorkspace(String username)
Returns the private workspace of the given user.
|
long |
getSystemWorkspaceId()
Returns the ID of the "System" workspace.
|
String |
getUsername(javax.servlet.http.HttpServletRequest request)
Returns the username that is associated with a request.
|
Topic |
getUsernameTopic(javax.servlet.http.HttpServletRequest request)
Convenience method that returns the Username topic that corresponds to a request.
|
Topic |
getUsernameTopic(String username)
Returns the Username topic that corresponds to a username.
|
Topic |
getWorkspace(String uri)
Returns a workspace by URI.
|
boolean |
hasPermission(String username,
Operation operation,
long objectId)
Checks if a user is permitted to perform an operation on an object (topic or association).
|
boolean |
isMember(String username,
long workspaceId)
Checks if a user is a member of a given workspace.
|
boolean |
isWorkspaceAssignment(Association assoc)
Checks if an association represents a workspace assignment.
|
<V> V |
runWithoutWorkspaceAssignment(Callable<V> callable)
Runs a code block while suppressing the standard workspace assignment for all topics/associations
created within that code block.
|
String |
username(javax.servlet.http.HttpSession session) |
boolean |
workspaceAssignmentIsSuppressed()
Returns true if standard workspace assignment is currently suppressed for the current thread.
|
Topic checkCredentials(Credentials cred)
null
otherwise.boolean hasPermission(String username, Operation operation, long objectId)
username
- the logged in user, or null
if no user is logged in.objectId
- a topic ID, or an association ID.true
if permission is granted, false
otherwise.String getCreator(long objectId)
null
if no creator is set.Topic getWorkspace(String uri)
RuntimeException
- If no workspace exists for the given URI.long getDeepaMehtaWorkspaceId()
long getAdministrationWorkspaceId()
long getSystemWorkspaceId()
long getAssignedWorkspaceId(long objectId)
objectId
- a topic ID, or an association ID-1
if no workspace is assigned.void assignToWorkspace(DeepaMehtaObject object, long workspaceId)
Use this method only for objects which have no workspace assignment already, that is e.g. objects created in a migration or objects created while workspace assignment is deliberately suppressed.
boolean isWorkspaceAssignment(Association assoc)
<V> V runWithoutWorkspaceAssignment(Callable<V> callable) throws Exception
Exception
boolean workspaceAssignmentIsSuppressed()
Topic getUsernameTopic(String username)
null
if no such Username topic exists.Topic getUsernameTopic(javax.servlet.http.HttpServletRequest request)
getUsernameTopic(getUsername(request))
.null
if no user is associated with the request.String getUsername(javax.servlet.http.HttpServletRequest request)
null
if no user is associated with the request.Topic getPrivateWorkspace(String username)
Note: a user can have more than one private workspace. The workspace returned by this method is the one that holds the user's password topic.
This is a privileged method, it bypasses the access control system.
boolean isMember(String username, long workspaceId)
username
- the logged in user, or null
if no user is logged in.RelatedTopic getConfigTopic(String configTypeUri, long topicId)
This is a privileged method, it bypasses the access control system.
RuntimeException
- if no such configuration topic exists.boolean emailAddressExists(String emailAddress)
This is a privileged method, it bypasses the access control system.
Copyright © 2016. All Rights Reserved.