Package org.apache.turbine.modules.actions

Class AccessController

  • All Implemented Interfaces:
    Action, Assembler
    public class AccessController
extends Object
implements Action
    This action doPerforms an Access Control List and places it into the RunData object, so it is easily available to modules. The ACL is also placed into the session. Modules can null out the ACL to force it to be rebuilt based on more information.

    Turbine uses a User-Role-Permission arrangement for access control. Users are assigned Roles. Roles are assigned Permissions. Turbine modules then check the Permission required for an action or information with the set of Permissions currently associated with the session (which are dependent on the user associated with the session.)

    The criteria for assigning Roles/Permissions is application dependent, in some cases an application may change a User's Roles during the session. To achieve flexibility, the ACL takes an Object parameter, which the application can use to doPerform the ACL.

    This action is special in that it should only be executed by the Turbine servlet.

    Version:
    $Id$
    Author:
    John D. McNally, Brett McLaughlin, Quinton McCombs, Peter Courcoux

    • Method Detail

      • doPerform

        public void doPerform​(PipelineData pipelineData)
               throws org.apache.fulcrum.security.util.FulcrumSecurityException
        If there is a user and the user is logged in, doPerform will set the RunData ACL. The list is first sought from the current session, otherwise it is loaded through link SecurityService.getACL(User) and added to the current session.
        Specified by:
        doPerform in interface Action
        Parameters:
        pipelineData - Turbine information.
        Throws:
        org.apache.fulcrum.security.util.FulcrumSecurityException - problem with the security service.