lumis.util.security.acl
Class AclManager

Package class diagram package AclManager
java.lang.Object
  extended by lumis.util.security.acl.AclManager
All Implemented Interfaces:
IConfigKeyChecker, IAclManager
Direct Known Subclasses:
ChannelAclManager, GenericAclManager, GroupAclManager, PageAclManager, PageTemplateAclManager, PortalAclManager, ServiceAclManager, ServiceInstanceAclManager

public abstract class AclManager
extends Object
implements IAclManager

Base AclManager implementation. This is an abstract implementation, that contains the logic that all acls should have. Specific acl managers should extend this class.

Since:
4.0.0

Field Summary
protected static PortalCache<AccessControlList> aclCache
           
 
Constructor Summary
AclManager()
           
 
Method Summary
protected  String add(AccessControlList parentAcl, HashMap<Integer,Integer> permissionsMap, int[] implies, ITransaction transaction)
           
 void add(AccessControlList acl, ITransaction transaction)
           
 void addOrUpdate(AccessControlList acl, ITransaction transaction)
           
 boolean checkPermission(SessionConfig sessionConfig, String itemId, IPermission permission, ITransaction transaction)
          Verify if the permission is valid for the sessionConfig's user.
 boolean checkPermission(SessionConfig sessionConfig, String userId, String itemId, IPermission permission, ITransaction transaction)
          For the given principalId, all the groups that the principal is member of (recursively) are collected and permission is calculated on this collection.
protected  void checkRequiredPermissionsInternal(AccessControlList acl)
          Checks if the required permissions were given for someone.
protected  void cleanupInvalidData(AccessControlList acl)
           
 void clearCache(ITransaction transaction)
          Clears all ACL cache.
 void delete(String aclId, ITransaction transaction)
          Deletes an acl.
 void deleteAclEntryByPrincipalId(String principalId, ITransaction transaction)
          Delete ACL entries in all ACLs for the specified principal.
 String deserialize(SessionConfig sessionConfig, DeserializationConfig deserializationConfig, Node accessControlListNode, boolean onlyAddSimpleAcls, ITransaction transaction)
           
 boolean exists(String aclId, ITransaction transaction)
           
abstract  AccessControlList get(SessionConfig sessionConfig, String id, ITransaction transaction)
           
protected abstract  AccessControlList getAclInternal(SessionConfig sessionConfig, String itemId, ITransaction transaction)
           
protected abstract  int getRequiredPermissions()
           
 boolean keyExists(SessionConfig sessionConfig, Object configKey, Object config, ITransaction transaction)
          Checks if configId matches an already persisted object
 void removeFromCache(String aclId, ITransaction transaction)
          Allows removal of cached items
 void serialize(SessionConfig sessionConfig, String securableId, OutputStream outputStream, ITransaction transaction)
           
protected  void update(AccessControlList acl, ITransaction transaction)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

aclCache

protected static PortalCache<AccessControlList> aclCache
Constructor Detail

AclManager

public AclManager()
Method Detail

get

public abstract AccessControlList get(SessionConfig sessionConfig,
                                      String id,
                                      ITransaction transaction)
                               throws ManagerException,
                                      PortalException
Throws:
ManagerException
PortalException

getAclInternal

protected abstract AccessControlList getAclInternal(SessionConfig sessionConfig,
                                                    String itemId,
                                                    ITransaction transaction)
                                             throws ManagerException,
                                                    PortalException
Throws:
ManagerException
PortalException

getRequiredPermissions

protected abstract int getRequiredPermissions()
                                       throws PortalException
Throws:
PortalException

checkRequiredPermissionsInternal

protected void checkRequiredPermissionsInternal(AccessControlList acl)
                                         throws PortalException
Checks if the required permissions were given for someone. If not an exception is thrown.

Parameters:
acl - the acl to be checked.
Throws:
PortalException - if the required permissions were not given.

add

protected String add(AccessControlList parentAcl,
                     HashMap<Integer,Integer> permissionsMap,
                     int[] implies,
                     ITransaction transaction)
              throws PortalException
Throws:
PortalException

add

public void add(AccessControlList acl,
                ITransaction transaction)
         throws PortalException
Specified by:
add in interface IAclManager
Throws:
PortalException

exists

public boolean exists(String aclId,
                      ITransaction transaction)
               throws DaoException,
                      PortalException
Specified by:
exists in interface IAclManager
Throws:
DaoException
PortalException

update

protected void update(AccessControlList acl,
                      ITransaction transaction)
               throws ManagerException,
                      PortalException
Throws:
ManagerException
PortalException

addOrUpdate

public void addOrUpdate(AccessControlList acl,
                        ITransaction transaction)
                 throws ManagerException,
                        PortalException
Specified by:
addOrUpdate in interface IAclManager
Throws:
ManagerException
PortalException

cleanupInvalidData

protected void cleanupInvalidData(AccessControlList acl)
                           throws PortalException
Throws:
PortalException

delete

public void delete(String aclId,
                   ITransaction transaction)
            throws PortalException
Description copied from interface: IAclManager
Deletes an acl.

This method does not delete the acl's children. They must have been deleted or the foreign key constraints will not allow their parent to be deleted.

Specified by:
delete in interface IAclManager
Parameters:
aclId - the id of the acl to be deleted from persistence.
transaction - the transaction for persistence access.
Throws:
PortalException

deleteAclEntryByPrincipalId

public void deleteAclEntryByPrincipalId(String principalId,
                                        ITransaction transaction)
                                 throws PortalException
Description copied from interface: IAclManager
Delete ACL entries in all ACLs for the specified principal.

Specified by:
deleteAclEntryByPrincipalId in interface IAclManager
Throws:
DaoException
PortalException

removeFromCache

public void removeFromCache(String aclId,
                            ITransaction transaction)
                     throws DaoException,
                            PortalException
Description copied from interface: IAclManager
Allows removal of cached items

Specified by:
removeFromCache in interface IAclManager
Throws:
DaoException
PortalException

clearCache

public void clearCache(ITransaction transaction)
                throws PortalException
Description copied from interface: IAclManager
Clears all ACL cache.

Specified by:
clearCache in interface IAclManager
Parameters:
transaction - the transaction for persistence access. If null, the cache is just cleared, else it is cleared as a transactional operation as specified in PortalCache.clear(ITransaction).
Throws:
PortalException

checkPermission

public boolean checkPermission(SessionConfig sessionConfig,
                               String itemId,
                               IPermission permission,
                               ITransaction transaction)
                        throws ManagerException,
                               PortalException
Description copied from interface: IAclManager
Verify if the permission is valid for the sessionConfig's user.

Specified by:
checkPermission in interface IAclManager
Returns:
Returns the true or false value.
Throws:
ManagerException
PortalException

checkPermission

public boolean checkPermission(SessionConfig sessionConfig,
                               String userId,
                               String itemId,
                               IPermission permission,
                               ITransaction transaction)
                        throws ManagerException,
                               PortalException
For the given principalId, all the groups that the principal is member of (recursively) are collected and permission is calculated on this collection.

Specified by:
checkPermission in interface IAclManager
Returns:
Throws:
ManagerException
PortalException

serialize

public void serialize(SessionConfig sessionConfig,
                      String securableId,
                      OutputStream outputStream,
                      ITransaction transaction)
               throws ManagerException,
                      PortalException
Specified by:
serialize in interface IAclManager
Throws:
ManagerException
PortalException

deserialize

public String deserialize(SessionConfig sessionConfig,
                          DeserializationConfig deserializationConfig,
                          Node accessControlListNode,
                          boolean onlyAddSimpleAcls,
                          ITransaction transaction)
                   throws ManagerException,
                          PortalException
Specified by:
deserialize in interface IAclManager
Throws:
ManagerException
PortalException

keyExists

public boolean keyExists(SessionConfig sessionConfig,
                         Object configKey,
                         Object config,
                         ITransaction transaction)
Description copied from interface: IConfigKeyChecker
Checks if configId matches an already persisted object

Specified by:
keyExists in interface IConfigKeyChecker
config - Optional, allows a checker to read aditional fields to check composed keys
Returns:
true if configId matches an already persisted object


Lumisportal  5.5.0.091130 - Copyright © 2001-2007, Lumis. All Rights Reserved.