Class AccessController
- java.lang.Object
-
- org.apache.turbine.modules.actions.AccessController
-
public class AccessController extends Object implements Action
This action doPerforms an Access Control List and places it into the RunData object, so it is easily available to modules. The ACL is also placed into the session. Modules can null out the ACL to force it to be rebuilt based on more information.Turbine uses a User-Role-Permission arrangement for access control. Users are assigned Roles. Roles are assigned Permissions. Turbine modules then check the Permission required for an action or information with the set of Permissions currently associated with the session (which are dependent on the user associated with the session.)
The criteria for assigning Roles/Permissions is application dependent, in some cases an application may change a User's Roles during the session. To achieve flexibility, the ACL takes an Object parameter, which the application can use to doPerform the ACL.
This action is special in that it should only be executed by the Turbine servlet.
- Version:
- $Id$
- Author:
- John D. McNally, Brett McLaughlin, Quinton McCombs, Peter Courcoux
-
-
Field Summary
-
Fields inherited from interface org.apache.turbine.modules.Action
CACHE_SIZE_DEFAULT, CACHE_SIZE_KEY, NAME, PREFIX
-
-
Constructor Summary
Constructors Constructor Description AccessController()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
doPerform(PipelineData pipelineData)
If there is a user and the user is logged in, doPerform will set the RunData ACL.
-
-
-
Constructor Detail
-
AccessController
public AccessController()
-
-
Method Detail
-
doPerform
public void doPerform(PipelineData pipelineData) throws org.apache.fulcrum.security.util.FulcrumSecurityException
If there is a user and the user is logged in, doPerform will set the RunData ACL. The list is first sought from the current session, otherwise it is loaded throughlink
and added to the current session.SecurityService.getACL(User)
-
-