org.exoplatform.social.service.rest
Class SecurityManager

java.lang.Object
  extended by org.exoplatform.social.service.rest.SecurityManager

public class SecurityManager
extends Object

The security manager helper class for Social Rest APIs.

Since:
1.2.0-GA, Jun 17, 2011
Author:
hoatle (hoatlevan at gmail dot com), phuonglm

Constructor Summary
SecurityManager()
           
 
Method Summary
static boolean canAccessActivity(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)
          Checks if an authenticated identity can access an existing activity.
static boolean canAccessActivity(org.exoplatform.container.PortalContainer portalContainer, String userIdentityId, org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)
          Checks if the authenticated remoteId of a user can access an existing activity.
static boolean canAccessActivityStream(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.identity.model.Identity ownerStream)
          Checks if an authenticated identity could access the activity stream of an owner stream identity.
static boolean canCommentToActivity(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)
          Checks if an authenticated identity has the permission to comment on an existing activity.
static boolean canDeleteActivity(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)
          Checks if an authenticated identity has the permission to delete an existing activity.
static boolean canDeleteComment(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.activity.model.ExoSocialActivity existingComment)
          Checks if an authenticated identity has the permission to delete an existing comment.
static boolean canPostActivity(org.exoplatform.container.PortalContainer portalContainer, org.exoplatform.social.core.identity.model.Identity authenticatedIdentity, org.exoplatform.social.core.identity.model.Identity ownerIdentityStream)
          Checks if a poster identity has the permission to post activities on an owner identity stream.
static org.exoplatform.social.core.identity.model.Identity getAuthenticatedUserIdentity()
          Deprecated. Use Util.getAuthenticatedUserIdentity(String) instead.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityManager

public SecurityManager()
Method Detail

canAccessActivity

public static boolean canAccessActivity(org.exoplatform.container.PortalContainer portalContainer,
                                        String userIdentityId,
                                        org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)

Checks if the authenticated remoteId of a user can access an existing activity.

If the authenticated identity is the one who posted that existing activity, return true.
If the existing activity belongs to that authenticated identity's activity stream, return true.
If the existing activity belongs to that authenticated identity's connections' activity stream, return true.
If the existing activity belongs to a space stream of which the authenticated identity is a member, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
userIdentityId - the authenticated identity to check
existingActivity - the existing activity to check
Returns:
true or false

canAccessActivity

public static boolean canAccessActivity(org.exoplatform.container.PortalContainer portalContainer,
                                        org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                        org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)

Checks if an authenticated identity can access an existing activity.

If the authenticated identity is the one who posted that existing activity, return true.
If the existing activity belongs to that authenticated identity's activity stream, return true.
If the existing activity belongs to that authenticated identity's connections' activity stream, return true.
If the existing activity belongs to a space stream of which the authenticated identity is a member, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
authenticatedIdentity - the authenticated identity to check
existingActivity - the existing activity to check
Returns:
true or false

canPostActivity

public static boolean canPostActivity(org.exoplatform.container.PortalContainer portalContainer,
                                      org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                      org.exoplatform.social.core.identity.model.Identity ownerIdentityStream)

Checks if a poster identity has the permission to post activities on an owner identity stream.

If posterIdentity is the same as ownerIdentityStream, return true.
If ownerIdentityStream is a user identity, and poster identity is connected to owner identity stream, return true.
If ownerIdentityStream is a space identity, and poster identity is a member of that space, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
authenticatedIdentity - the authenticated identity to check
ownerIdentityStream - the identity of an existing activity stream.
Returns:
true or false

canDeleteActivity

public static boolean canDeleteActivity(org.exoplatform.container.PortalContainer portalContainer,
                                        org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                        org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)

Checks if an authenticated identity has the permission to delete an existing activity.

If the authenticated identity is the identity who creates that existing activity, return true.
If the authenticated identity is the stream owner of that existing activity, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
authenticatedIdentity - the identity to check
existingActivity - the existing activity
Returns:
true or false

canCommentToActivity

public static boolean canCommentToActivity(org.exoplatform.container.PortalContainer portalContainer,
                                           org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                           org.exoplatform.social.core.activity.model.ExoSocialActivity existingActivity)

Checks if an authenticated identity has the permission to comment on an existing activity.

If commenterIdentity is the one who creates the existing activity, return true.
If commenterIdentity is the one who is connected to existing activity's user identity, return true.
If commenterIdentity is the one who is a member of the existing activity's space identity, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
authenticatedIdentity - the authenticated identity to check
existingActivity - the existing activity
Returns:
true or false

canDeleteComment

public static boolean canDeleteComment(org.exoplatform.container.PortalContainer portalContainer,
                                       org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                       org.exoplatform.social.core.activity.model.ExoSocialActivity existingComment)

Checks if an authenticated identity has the permission to delete an existing comment.

If authenticatedIdentity is the one who creates the existing comment, return true.
If authenticatedIdentity is the one who creates the activity for that existing comment, return true.
If authenticatedIdentity is the one who is the stream owner of that comment to an activity, return true.
If authenticatedIdentity is the one who is a manager of the existing activity's space identity, return true.
Otherwise, return false.

Parameters:
portalContainer - the specified portal container
authenticatedIdentity - the authenticated identity to check
existingComment - the existing comment
Returns:
true or false

getAuthenticatedUserIdentity

public static org.exoplatform.social.core.identity.model.Identity getAuthenticatedUserIdentity()
Deprecated. Use Util.getAuthenticatedUserIdentity(String) instead.

Gets the currently logged-in Identity; returns null if not logged in.

Returns:
logged in Identity or null
Since:
1.2.2

canAccessActivityStream

public static boolean canAccessActivityStream(org.exoplatform.container.PortalContainer portalContainer,
                                              org.exoplatform.social.core.identity.model.Identity authenticatedIdentity,
                                              org.exoplatform.social.core.identity.model.Identity ownerStream)
Checks if an authenticated identity could access the activity stream of an owner stream identity.

If the owner stream is a user identity, return true.
If the owner stream is a space identity, return true only if the authenticated identity is a member of that space.

Note: this works only for user-to-user and user-to-space access permissions. If the owner stream is any other identity type, this returns true.

Parameters:
portalContainer - the portal container
authenticatedIdentity - the authenticated identity
ownerStream - the stream owner identity
Returns:
true or false to indicate access permission
Since:
1.2.3
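
The fall-through described for canAccessActivityStream means an owner stream of any other identity type is readable by every authenticated identity. The following is an added example, not eXo Social code: it models the documented rule with hypothetical Kind and Ident types (assumptions, not project classes) and shows a caller-side guard that denies identity types the rule does not cover.

```java
import java.util.Set;

// Added illustration: a self-contained model of the documented stream-access rule.
// Kind and Ident are hypothetical stand-ins, not eXo Social classes.
public class StreamAccessExample {
    enum Kind { USER, SPACE, OTHER }

    // Constructed identity model: id, kind, and member ids (used for spaces only).
    record Ident(String id, Kind kind, Set<String> members) {}

    // The rule as the Javadoc states it, including the allow-by-default fall-through.
    static boolean documentedRule(Ident viewer, Ident owner) {
        switch (owner.kind()) {
            case USER:
                return true;
            case SPACE:
                return owner.members().contains(viewer.id());
            default:
                return true; // any other identity type is allowed
        }
    }

    // Caller-side guard: refuse identity types the rule does not model.
    static boolean denyByDefault(Ident viewer, Ident owner) {
        if (viewer == null || owner == null) {
            return false;
        }
        if (owner.kind() != Kind.USER && owner.kind() != Kind.SPACE) {
            return false;
        }
        return documentedRule(viewer, owner);
    }

    public static void main(String[] args) {
        // Constructed sample identities.
        Ident alice = new Ident("alice", Kind.USER, Set.of());
        Ident bob = new Ident("bob", Kind.USER, Set.of());
        Ident team = new Ident("team", Kind.SPACE, Set.of("alice"));
        Ident feed = new Ident("feed", Kind.OTHER, Set.of());

        for (Ident owner : new Ident[] {alice, team, feed}) {
            System.out.printf("bob -> %-5s documented=%-5b guarded=%b%n", owner.id(),
                    documentedRule(bob, owner), denyByDefault(bob, owner));
        }
    }
}
```

The two rules differ only for the OTHER owner, which is the case to cover in an authorization test when a new identity provider type is introduced.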


Copyright © 2003-2013 eXo Platform SAS. All Rights Reserved.