Interface ContextualAuthorizationManager


  • @Role
    public interface ContextualAuthorizationManager
    This API is for checking the access rights of current user in the current context. It replaces com.xpn.xwiki.user.api.XWikiRightService. The ContextualAuthorizationManager does not provide any help for authentication. Authentication should have been ensured previously if needed.
    Since:
    6.1RC1
    Version:
    $Id: d5d1dc21a308f224b8c8ed57735b22a82210a465 $
    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void checkAccess​(Right right)
      Check if access identified by right on the current entity is allowed in the current context.
      void checkAccess​(Right right, EntityReference entityReference)
      Check if access identified by right on the given entity is allowed in the current context.
      boolean hasAccess​(Right right)
      Verifies if access identified by right on the current entity would be allowed in the current context.
      boolean hasAccess​(Right right, EntityReference entityReference)
      Verifies if access identified by right on the given entity would be allowed in the current context.
    • Method Detail

      • checkAccess

        void checkAccess​(Right right)
                  throws AccessDeniedException
        Check if access identified by right on the current entity is allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used at security checkpoint.
        Parameters:
        right - the right needed for execution of the action
        Throws:
        AccessDeniedException - if the action should be denied, which may also happen when an error occurs
      • hasAccess

        boolean hasAccess​(Right right)
        Verifies if access identified by right on the current entity would be allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right) at security checkpoints.
        Parameters:
        right - the right to check .
        Returns:
        true if the user has the specified right on the entity, false otherwise
      • checkAccess

        void checkAccess​(Right right,
                         EntityReference entityReference)
                  throws AccessDeniedException
        Check if access identified by right on the given entity is allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used at security checkpoint.
        Parameters:
        right - the right needed for execution of the action
        entityReference - the entity on which to check the right
        Throws:
        AccessDeniedException - if the action should be denied, which may also happen when an error occurs
      • hasAccess

        boolean hasAccess​(Right right,
                          EntityReference entityReference)
        Verifies if access identified by right on the given entity would be allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right) at security checkpoints.
        Parameters:
        right - the right to check .
        entityReference - the entity on which to check the right
        Returns:
        true if the user has the specified right on the entity, false otherwise