Class DynamicAccessControlListImpl

    • Constructor Detail

      • DynamicAccessControlListImpl

        public DynamicAccessControlListImpl​(Map<? extends Group,​? extends RoleSet> roleSets,
                                            Map<? extends Role,​? extends PermissionSet> permissionSets)
        Constructs a new AccessControlList. This class follows 'immutable' pattern - it's objects can't be modified once they are created. This means that the permissions the users have are in effect form the moment they log in to the moment they log out, and changes made to the security settings in that time are not reflected in the state of this object. If you need to reset an user's permissions you need to invalidate his session.
        The objects that constructs an AccessControlList must supply hashtables of role/permission sets keyed with group objects.
        Parameters:
        roleSets - a hashtable containing RoleSet objects keyed with Group objects
        permissionSets - a hashtable containing PermissionSet objects keyed with Roles objects
    • Method Detail

      • getRoles

        public RoleSet getRoles​(Group group)
        Retrieves a set of Roles an user is assigned in a Group.
        Specified by:
        getRoles in interface DynamicAccessControlList
        Parameters:
        group - the Group
        Returns:
        the set of Roles this user has within the Group.
      • hasRole

        public boolean hasRole​(Role role,
                               Group group)
        Checks if the user is assigned a specific Role in the Group.
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        role - the Role
        group - the Group
        Returns:
        true if the user is assigned the Role in the Group.
      • hasRole

        public boolean hasRole​(Role role,
                               GroupSet groupset)
        Checks if the user is assigned a specific Role in any of the given Groups
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        role - the Role
        groupset - a Groupset
        Returns:
        true if the user is assigned the Role in any of the given Groups.
      • hasRole

        public boolean hasRole​(String role,
                               String group)
        Checks if the user is assigned a specific Role in the Group.
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        role - the Role
        group - the Group
        Returns:
        true if the user is assigned the Role in the Group.
      • hasRole

        public boolean hasRole​(String rolename,
                               GroupSet groupset)
        Checks if the user is assigned a specific Role in any of the given Groups
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        rolename - the name of the Role
        groupset - a Groupset
        Returns:
        true if the user is assigned the Role in any of the given Groups.
      • hasRole

        public boolean hasRole​(Role role)
        Checks if the user is assigned a specific Role
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        role - the Role
        Returns:
        true if the user is assigned the Role in the global Group.
      • hasRole

        public boolean hasRole​(String role)
        Checks if the user is assigned a specific Role .
        Specified by:
        hasRole in interface DynamicAccessControlList
        Parameters:
        role - the Role
        Returns:
        true if the user is assigned the Role .
      • hasPermission

        public boolean hasPermission​(Permission permission,
                                     Group group)
        Checks if the user is assigned a specific Permission in the Group.
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permission - the Permission
        group - the Group
        Returns:
        true if the user is assigned the Permission in the Group.
      • hasPermission

        public boolean hasPermission​(Permission permission,
                                     GroupSet groupset)
        Checks if the user is assigned a specific Permission in any of the given Groups
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permission - the Permission
        groupset - a Groupset
        Returns:
        true if the user is assigned the Permission in any of the given Groups.
      • hasPermission

        public boolean hasPermission​(String permission,
                                     String group)
        Checks if the user is assigned a specific Permission in the Group.
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permission - the Permission
        group - the Group
        Returns:
        true if the user is assigned the Permission in the Group.
      • hasPermission

        public boolean hasPermission​(String permission,
                                     Group group)
        Checks if the user is assigned a specific Permission in the Group.
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permission - the Permission
        group - the Group
        Returns:
        true if the user is assigned the Permission in the Group.
      • hasPermission

        public boolean hasPermission​(String permissionName,
                                     GroupSet groupset)
        Checks if the user is assigned a specific Permission in any of the given Groups
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permissionName - the name of the Permission
        groupset - a Groupset
        Returns:
        true if the user is assigned the Permission in any of the given Groups.
      • hasPermission

        public boolean hasPermission​(String permission)
        Checks if the user is assigned a specific Permission in the global Group.
        Specified by:
        hasPermission in interface DynamicAccessControlList
        Parameters:
        permission - the Permission
        Returns:
        true if the user is assigned the Permission in the global Group.