@Component @Singleton public class DefaultAuthorizationManager extends Object implements AuthorizationManager
AuthorizationManager
.SUPERADMIN_USER
Constructor and Description |
---|
DefaultAuthorizationManager() |
Modifier and Type | Method and Description |
---|---|
void |
checkAccess(Right right,
DocumentReference userReference,
EntityReference entityReference)
Check if the user identified by
userReference has the access identified by right on the
entity identified by entityReference . |
boolean |
hasAccess(Right right,
DocumentReference userReference,
EntityReference entityReference)
Verifies if the user identified by
userReference has the access identified by right on the
entity identified by entityReference . |
protected void |
logDeny(DocumentReference user,
EntityReference entity,
Right right,
String info)
Log denied access conclusion.
|
Right |
register(RightDescription rightDescription)
Register a new custom
Right . |
Right |
register(RightDescription rightDescription,
Set<Right> impliedByRights)
Register a new custom
Right and add it as an implied right to the given set of rights. |
void |
unregister(Right right)
Unregister the given custom
Right . |
public void checkAccess(Right right, DocumentReference userReference, EntityReference entityReference) throws AccessDeniedException
AuthorizationManager
userReference
has the access identified by right
on the
entity identified by entityReference
. Note that some rights may be checked higher in hierarchy of the
provided entity if such right is not enabled at lowest hierarchy level provided.
This function should be used at security checkpoint.checkAccess
in interface AuthorizationManager
right
- the right needed for execution of the actionuserReference
- the user to check the right forentityReference
- the entity on which to check the rightAccessDeniedException
- if the action should be denied, which may also happen when an error occurspublic boolean hasAccess(Right right, DocumentReference userReference, EntityReference entityReference)
AuthorizationManager
userReference
has the access identified by right
on the
entity identified by entityReference
. Note that some rights may be checked higher in hierarchy of the
provided entity if such right is not enabled at lowest hierarchy level provided.
This function should be used for interface matters, use AuthorizationManager.checkAccess(org.xwiki.security.authorization.Right, org.xwiki.model.reference.DocumentReference, org.xwiki.model.reference.EntityReference)
at security checkpoints.hasAccess
in interface AuthorizationManager
right
- the right to check .userReference
- the user to check the right forentityReference
- the entity on which to check the righttrue
if the user has the specified right on the entity, false
otherwisepublic Right register(RightDescription rightDescription) throws UnableToRegisterRightException
AuthorizationManager
Right
.register
in interface AuthorizationManager
rightDescription
- the full description of the new Right
Right
UnableToRegisterRightException
- if an error prevent creation of the new right. Registering exactly
the same right does not cause an exception and return the existing right.public Right register(RightDescription rightDescription, Set<Right> impliedByRights) throws UnableToRegisterRightException
AuthorizationManager
Right
and add it as an implied right to the given set of rights.register
in interface AuthorizationManager
rightDescription
- the full description of the new Right
impliedByRights
- the rights that should imply the new right.Right
UnableToRegisterRightException
- if an error prevent creation of the new right. Registering exactly
the same right does not cause an exception and return the existing right.public void unregister(Right right) throws AuthorizationException
AuthorizationManager
Right
.unregister
in interface AuthorizationManager
right
- the custom right to unregister.AuthorizationException
- if the right is not custom.protected void logDeny(DocumentReference user, EntityReference entity, Right right, String info)
user
- The user name that was checked.entity
- The page that was checked.right
- The action that was requested.info
- Additional information.Copyright © 2004–2021 XWiki. All rights reserved.