Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jasig.portal.security.provider
Class AuthorizationImpl

java.lang.Object
  extended by org.jasig.portal.security.provider.AuthorizationImpl
All Implemented Interfaces:
IAuthorizationService
public class AuthorizationImpl
extends Object
implements IAuthorizationService

Version:
$Revision: 21117 $ $Date: 2010-07-16 13:19:07 -0500 (Fri, 16 Jul 2010) $
Author:
Bernie Durfee, bdurfee@interactivebusiness.com, Dan Ellentuck, Scott Battaglia

Field Summary
protected  IChannelRegistryStore channelRegistryStore
          Spring-configured channel registry store instance
protected  org.apache.commons.logging.Log log
          Instance of log in order to log events.
 
Constructor Summary
protected AuthorizationImpl()
           
 
Method Summary
 void addPermissions(IPermission[] permissions)
          Adds IPermissions to the back end store.
protected  void cacheAdd(IPermissionSet ps)
          Adds the IPermissionSet to the entity cache.
protected  IPermissionSet cacheGet(IAuthorizationPrincipal principal)
          Retrieves the IPermissionSet for the IPermissionSet from the entity cache.
protected  void cacheRemove(IAuthorizationPrincipal ap)
          Removes the IPermissionSet for this principal from the entity cache.
protected  void cacheUpdate(IPermissionSet ps)
          Updates the IPermissionSet in the entity cache.
 boolean canPrincipalConfigure(IAuthorizationPrincipal principal, int channelPublishId)
          Answers if the principal has permission to use the CONFIG PortletMode on this Channel.
 boolean canPrincipalManage(IAuthorizationPrincipal principal, ChannelLifecycleState state, String categoryId)
          This checks if the framework has granted principal a right to publish.
 boolean canPrincipalManage(IAuthorizationPrincipal principal, int channelPublishId)
          Answers if the principal has permission to MANAGE this Channel.
 boolean canPrincipalRender(IAuthorizationPrincipal principal, int channelPublishId)
          Answers if the principal has permission to RENDER this Channel.
 boolean canPrincipalSubscribe(IAuthorizationPrincipal principal, int channelPublishId)
          Answers if the principal has permission to SUBSCRIBE to this Channel.
 boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, String owner, String activity, String target)
          Answers if the owner has given the principal (or any of its parents) permission to perform the activity on the target.
 boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, String owner, String activity, String target, IPermissionPolicy policy)
          Answers if the owner has given the principal permission to perform the activity on the target, as evaluated by the policy.
 IPermission[] getAllPermissionsForPrincipal(IAuthorizationPrincipal principal, String owner, String activity, String target)
          Returns the IPermissions owner has granted this Principal for the specified activity and target.
 Vector getAuthorizedChannels(IAuthorizationPrincipal principal)
          Does this mean all channels the principal could conceivably subscribe to or all channels principal is specifically authorized to subscribe to, or what?
 IAuthorizationPrincipal[] getAuthorizedPrincipals(String owner, String activity, String target)
          Returns IAuthorizationPrincipals that have IPermissions for the given owner, activity and target.
protected  IPermissionPolicy getDefaultPermissionPolicy()
           
 IGroupMember getGroupMember(IAuthorizationPrincipal principal)
           
 IPermission[] getPermissionsForOwner(String owner, String activity, String target)
          Returns the IPermissions owner has granted for the specified activity and target.
 IPermission[] getPermissionsForPrincipal(IAuthorizationPrincipal principal, String owner, String activity, String target)
          Returns the IPermissions owner has granted this Principal for the specified activity and target.
 IAuthorizationPrincipal getPrincipal(IPermission permission)
          Returns IAuthorizationPrincipal associated with the IPermission.
 String getPrincipalString(IAuthorizationPrincipal principal)
          Returns the String used by an IPermission to represent an IAuthorizationPrincipal.
 IPermission[] getUncachedPermissionsForPrincipal(IAuthorizationPrincipal principal, String owner, String activity, String target)
          Returns the IPermissions owner has granted this Principal for the specified activity and target.
 IPermission newPermission(String owner)
          Factory method for an IPermission.
 IPermission newPermission(String owner, IAuthorizationPrincipal principal)
          Factory method for an IPermission.
 IPermissionManager newPermissionManager(String owner)
          Factory method for IPermissionManager.
 IAuthorizationPrincipal newPrincipal(IGroupMember groupMember)
          Converts an IGroupMember into an IAuthorizationPrincipal.
 IAuthorizationPrincipal newPrincipal(String key, Class type)
          Factory method for IAuthorizationPrincipal.
 IUpdatingPermissionManager newUpdatingPermissionManager(String owner)
          Factory method for IUpdatingPermissionManager.
 void removePermissions(IPermission[] permissions)
          Removes IPermissions from the back end store.
protected  void setDefaultPermissionPolicy(IPermissionPolicy newDefaultPermissionPolicy)
           
static IAuthorizationService singleton()
           
 void updatePermissions(IPermission[] permissions)
          Updates IPermissions in the back end store.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

protected final org.apache.commons.logging.Log log
Instance of log in order to log events.

channelRegistryStore

protected final IChannelRegistryStore channelRegistryStore
Spring-configured channel registry store instance

Constructor Detail

AuthorizationImpl

protected AuthorizationImpl()
Method Detail

addPermissions

public void addPermissions(IPermission[] permissions)
                    throws AuthorizationException
Adds IPermissions to the back end store.

Specified by:
addPermissions in interface IAuthorizationService
Parameters:
permissions - IPermission[]
Throws:
AuthorizationException

cacheAdd

protected void cacheAdd(IPermissionSet ps)
                 throws AuthorizationException
Adds the IPermissionSet to the entity cache.

Throws:
AuthorizationException

cacheGet

protected IPermissionSet cacheGet(IAuthorizationPrincipal principal)
                           throws AuthorizationException
Retrieves the IPermissionSet for the IPermissionSet from the entity cache.

Throws:
AuthorizationException

cacheRemove

protected void cacheRemove(IAuthorizationPrincipal ap)
                    throws AuthorizationException
Removes the IPermissionSet for this principal from the entity cache.

Throws:
AuthorizationException

cacheUpdate

protected void cacheUpdate(IPermissionSet ps)
                    throws AuthorizationException
Updates the IPermissionSet in the entity cache.

Throws:
AuthorizationException

canPrincipalConfigure

public boolean canPrincipalConfigure(IAuthorizationPrincipal principal,
                                     int channelPublishId)
                              throws AuthorizationException
Description copied from interface: IAuthorizationService
Answers if the principal has permission to use the CONFIG PortletMode on this Channel.

Specified by:
canPrincipalConfigure in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
channelPublishId - int
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

canPrincipalManage

public boolean canPrincipalManage(IAuthorizationPrincipal principal,
                                  int channelPublishId)
                           throws AuthorizationException
Answers if the principal has permission to MANAGE this Channel.

Specified by:
canPrincipalManage in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
channelPublishId - int
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

canPrincipalManage

public boolean canPrincipalManage(IAuthorizationPrincipal principal,
                                  ChannelLifecycleState state,
                                  String categoryId)
                           throws AuthorizationException
This checks if the framework has granted principal a right to publish. DO WE WANT SOMETHING THIS COARSE (de)?

Specified by:
canPrincipalManage in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
Returns:
boolean
Throws:
AuthorizationException

canPrincipalRender

public boolean canPrincipalRender(IAuthorizationPrincipal principal,
                                  int channelPublishId)
                           throws AuthorizationException
Answers if the principal has permission to RENDER this Channel. This implementation currently delegates to the SUBSCRIBE permission.

Specified by:
canPrincipalRender in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
channelPublishId - int
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

canPrincipalSubscribe

public boolean canPrincipalSubscribe(IAuthorizationPrincipal principal,
                                     int channelPublishId)
Answers if the principal has permission to SUBSCRIBE to this Channel.

Specified by:
canPrincipalSubscribe in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
channelPublishId - int
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

doesPrincipalHavePermission

public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal,
                                           String owner,
                                           String activity,
                                           String target)
                                    throws AuthorizationException
Answers if the owner has given the principal (or any of its parents) permission to perform the activity on the target. Params owner and activity must be non-null. If target is null, then target is not checked.

Specified by:
doesPrincipalHavePermission in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

doesPrincipalHavePermission

public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal,
                                           String owner,
                                           String activity,
                                           String target,
                                           IPermissionPolicy policy)
                                    throws AuthorizationException
Answers if the owner has given the principal permission to perform the activity on the target, as evaluated by the policy. Params policy, owner and activity must be non-null.

Specified by:
doesPrincipalHavePermission in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
boolean
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

getAllPermissionsForPrincipal

public IPermission[] getAllPermissionsForPrincipal(IAuthorizationPrincipal principal,
                                                   String owner,
                                                   String activity,
                                                   String target)
                                            throws AuthorizationException
Returns the IPermissions owner has granted this Principal for the specified activity and target. Null parameters will be ignored, that is, all IPermissions matching the non-null parameters are retrieved. So, getPermissions(principal,null, null, null) should retrieve all IPermissions for a Principal. Note that this includes IPermissions inherited from groups the Principal belongs to.

Specified by:
getAllPermissionsForPrincipal in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
org.jasig.portal.security.IPermission[]
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

getAuthorizedChannels

public Vector getAuthorizedChannels(IAuthorizationPrincipal principal)
                             throws AuthorizationException
Does this mean all channels the principal could conceivably subscribe to or all channels principal is specifically authorized to subscribe to, or what?

Specified by:
getAuthorizedChannels in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
Returns:
Vector (of channels?)
Throws:
AuthorizationException - indicates authorization information could not

getAuthorizedPrincipals

public IAuthorizationPrincipal[] getAuthorizedPrincipals(String owner,
                                                         String activity,
                                                         String target)
                                                  throws AuthorizationException
Returns IAuthorizationPrincipals that have IPermissions for the given owner, activity and target.

Parameters:
owner -
activity -
target -
Returns:
IAuthorizationPrincipal[]
Throws:
AuthorizationException

getDefaultPermissionPolicy

protected IPermissionPolicy getDefaultPermissionPolicy()
Returns:
org.jasig.portal.security.IPermissionPolicy

getGroupMember

public IGroupMember getGroupMember(IAuthorizationPrincipal principal)
                            throws GroupsException
Specified by:
getGroupMember in interface IAuthorizationService
Parameters:
principal - org.jasig.portal.security.IAuthorizationPrincipal
Returns:
org.jasig.portal.groups.IGroupMember
Throws:
GroupsException

getPermissionsForOwner

public IPermission[] getPermissionsForOwner(String owner,
                                            String activity,
                                            String target)
                                     throws AuthorizationException
Returns the IPermissions owner has granted for the specified activity and target. Null parameters will be ignored, that is, all IPermissions matching the non-null parameters are retrieved.

Specified by:
getPermissionsForOwner in interface IAuthorizationService
Parameters:
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
org.jasig.portal.security.IPermission[]
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

getPermissionsForPrincipal

public IPermission[] getPermissionsForPrincipal(IAuthorizationPrincipal principal,
                                                String owner,
                                                String activity,
                                                String target)
                                         throws AuthorizationException
Returns the IPermissions owner has granted this Principal for the specified activity and target. Null parameters will be ignored, that is, all IPermissions matching the non-null parameters are retrieved. So, getPermissions(principal,null, null, null) should retrieve all IPermissions for a Principal.

Specified by:
getPermissionsForPrincipal in interface IAuthorizationService
Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
org.jasig.portal.security.IPermission[]
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

getPrincipal

public IAuthorizationPrincipal getPrincipal(IPermission permission)
                                     throws AuthorizationException
Returns IAuthorizationPrincipal associated with the IPermission.

Specified by:
getPrincipal in interface IAuthorizationService
Parameters:
permission - IPermission
Returns:
IAuthorizationPrincipal
Throws:
AuthorizationException

getPrincipalString

public String getPrincipalString(IAuthorizationPrincipal principal)
Returns the String used by an IPermission to represent an IAuthorizationPrincipal.

Specified by:
getPrincipalString in interface IAuthorizationService
Parameters:
principal - org.jasig.portal.security.IAuthorizationPrincipal

getUncachedPermissionsForPrincipal

public IPermission[] getUncachedPermissionsForPrincipal(IAuthorizationPrincipal principal,
                                                        String owner,
                                                        String activity,
                                                        String target)
                                                 throws AuthorizationException
Returns the IPermissions owner has granted this Principal for the specified activity and target. Null parameters will be ignored, that is, all IPermissions matching the non-null parameters are retrieved. So, getPermissions(principal,null, null, null) should retrieve all IPermissions for a Principal. Ignore any cached IPermissions.

Parameters:
principal - IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
org.jasig.portal.security.IPermission[]
Throws:
AuthorizationException - indicates authorization information could not be retrieved.

newPermission

public IPermission newPermission(String owner)
Factory method for an IPermission.

Parameters:
owner - String
Returns:
org.jasig.portal.security.Permission

newPermission

public IPermission newPermission(String owner,
                                 IAuthorizationPrincipal principal)
Factory method for an IPermission.

Specified by:
newPermission in interface IAuthorizationService
Parameters:
owner - String
principal - IAuthorizationPrincipal
Returns:
org.jasig.portal.security.IPermission

newPermissionManager

public IPermissionManager newPermissionManager(String owner)
Factory method for IPermissionManager.

Specified by:
newPermissionManager in interface IAuthorizationService
Parameters:
owner - java.lang.String
Returns:
org.jasig.portal.security.IPermissionManager

newPrincipal

public IAuthorizationPrincipal newPrincipal(String key,
                                            Class type)
Factory method for IAuthorizationPrincipal. First check the principal cache, and if not present, create the principal and cache it.

Specified by:
newPrincipal in interface IAuthorizationService
Parameters:
key - java.lang.String
type - java.lang.Class
Returns:
org.jasig.portal.security.IAuthorizationPrincipal

newPrincipal

public IAuthorizationPrincipal newPrincipal(IGroupMember groupMember)
                                     throws GroupsException
Converts an IGroupMember into an IAuthorizationPrincipal.

Specified by:
newPrincipal in interface IAuthorizationService
Parameters:
groupMember - org.jasig.portal.groups.IGroupMember
Returns:
org.jasig.portal.security.IAuthorizationPrincipal
Throws:
GroupsException

newUpdatingPermissionManager

public IUpdatingPermissionManager newUpdatingPermissionManager(String owner)
Factory method for IUpdatingPermissionManager.

Specified by:
newUpdatingPermissionManager in interface IAuthorizationService
Parameters:
owner - java.lang.String
Returns:
org.jasig.portal.security.IUpdatingPermissionManager

removePermissions

public void removePermissions(IPermission[] permissions)
                       throws AuthorizationException
Removes IPermissions from the back end store.

Specified by:
removePermissions in interface IAuthorizationService
Parameters:
permissions - IPermission[]
Throws:
AuthorizationException

setDefaultPermissionPolicy

protected void setDefaultPermissionPolicy(IPermissionPolicy newDefaultPermissionPolicy)
Parameters:
newDefaultPermissionPolicy - org.jasig.portal.security.IPermissionPolicy

singleton

public static IAuthorizationService singleton()
Returns:
org.jasig.portal.security.provider.IAuthorizationService

updatePermissions

public void updatePermissions(IPermission[] permissions)
                       throws AuthorizationException
Updates IPermissions in the back end store.

Specified by:
updatePermissions in interface IAuthorizationService
Parameters:
permissions - IPermission[]
Throws:
AuthorizationException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2010 Jasig. All Rights Reserved.