@Component @Named(value="security.authorization") @Singleton public class SecurityAuthorizationScriptService extends Object implements org.xwiki.script.service.ScriptService
Modifier and Type | Field and Description |
---|---|
static String |
ID
The role hint of this component.
|
Constructor and Description |
---|
SecurityAuthorizationScriptService() |
Modifier and Type | Method and Description |
---|---|
void |
checkAccess(Right right)
Check if access identified by
right on the current entity is allowed in the current context. |
void |
checkAccess(Right right,
org.xwiki.model.reference.DocumentReference userReference,
org.xwiki.model.reference.EntityReference entityReference)
Check if the user identified by
userReference has the access identified by right on the
entity identified by entityReference . |
void |
checkAccess(Right right,
org.xwiki.model.reference.EntityReference entityReference)
Check if access identified by
right on the given entity is allowed in the current context. |
List<String> |
getAllRightsNames() |
boolean |
hasAccess(Right right)
Verifies if access identified by
right on the current entity would be allowed in the current context. |
boolean |
hasAccess(Right right,
org.xwiki.model.reference.DocumentReference userReference,
org.xwiki.model.reference.EntityReference entityReference)
Verifies if the user identified by
userReference has the access identified by right on the
entity identified by entityReference . |
boolean |
hasAccess(Right right,
org.xwiki.model.reference.EntityReference entityReference)
Verifies if access identified by
right on the given entity would be allowed in the current context. |
boolean |
isRightRegistered(String rightName)
Check that a specific right is registered or not.
|
public static final String ID
public void checkAccess(Right right) throws AccessDeniedException
right
on the current entity is allowed in the current context.
The context includes information like the authenticated user, the current macro being executed, the rendering
context restriction, the dropping of rights by macro, etc...
This function should be used at security checkpoint.right
- the right needed for execution of the actionAccessDeniedException
- if the action should be denied, which may also happen when an error occurspublic boolean hasAccess(Right right)
right
on the current entity would be allowed in the current context.
The context includes information like the authenticated user, the current macro being executed, the rendering
context restriction, the dropping of rights by macro, etc...
This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right)
at security checkpoints.right
- the right to check .true
if the user has the specified right on the entity, false
otherwisepublic void checkAccess(Right right, org.xwiki.model.reference.EntityReference entityReference) throws AccessDeniedException
right
on the given entity is allowed in the current context.
The context includes information like the authenticated user, the current macro being executed, the rendering
context restriction, the dropping of rights by macro, etc...
This function should be used at security checkpoint.right
- the right needed for execution of the actionentityReference
- the entity on which to check the rightAccessDeniedException
- if the action should be denied, which may also happen when an error occurspublic boolean hasAccess(Right right, org.xwiki.model.reference.EntityReference entityReference)
right
on the given entity would be allowed in the current context.
The context includes information like the authenticated user, the current macro being executed, the rendering
context restriction, the dropping of rights by macro, etc...
This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right)
at security checkpoints.right
- the right to check.entityReference
- the entity on which to check the righttrue
if the user has the specified right on the entity, false
otherwisepublic void checkAccess(Right right, org.xwiki.model.reference.DocumentReference userReference, org.xwiki.model.reference.EntityReference entityReference) throws AccessDeniedException
userReference
has the access identified by right
on the
entity identified by entityReference
. Note that some rights may be checked higher in hierarchy of the
provided entity if such right is not enabled at lowest hierarchy level provided.
This function should be used at security checkpoint.right
- the right needed for execution of the actionuserReference
- the user to check the right forentityReference
- the entity on which to check the rightAccessDeniedException
- if the action should be denied, which may also happen when an error occurspublic boolean hasAccess(Right right, org.xwiki.model.reference.DocumentReference userReference, org.xwiki.model.reference.EntityReference entityReference)
userReference
has the access identified by right
on the
entity identified by entityReference
. Note that some rights may be checked higher in hierarchy of the
provided entity if such right is not enabled at lowest hierarchy level provided.
This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right)
at security checkpoints.right
- the right to check .userReference
- the user to check the right forentityReference
- the entity on which to check the righttrue
if the user has the specified right on the entity, false
otherwise@Unstable public boolean isRightRegistered(String rightName)
rightName
- the name of the right to check for registration.true
only if the right name can be find.Copyright © 2004–2022 XWiki. All rights reserved.