Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jasig.portal.security.provider
Class AnyUnblockedGrantPermissionPolicy

java.lang.Object
  extended by org.jasig.portal.security.provider.AnyUnblockedGrantPermissionPolicy
All Implemented Interfaces:
IPermissionPolicy
public class AnyUnblockedGrantPermissionPolicy
extends Object
implements IPermissionPolicy

If there exists a GRANT explicitly for the Principal for the Activity under consideration, this permission policy will GRANT permission. If there exists a GRANT for a group containing the Principal for the Activity under consideration, and there is a path up the groups tree from the Principal to that GRANTed group that is not interrupted by a Deny for an intervening group in the tree, then this permission policy will GRANT permission. Otherwise, this permission policy will DENY permission. Examples: Principal (GRANT) -- Small group -- Bigger group -- Huge group Results in GRANT because the Principal has an explicit permission. Principal -- Small group -- Bigger group (GRANT) -- Huge group Results in GRANT because there is an unblocked path to a containing group with GRANT. Principal -- Small group (DENY) -- Bigger group (GRANT) -- Huge group Results in DENY because there is no unblocked path to a grant -- the "Bigger group"'s GRANT does not apply because of the intervening DENY. Principal -- Small group (DENY) -- Bigger group -- Huge group Principal -- Some other group -- Bigger other group (GRANT) -- Huge group Results in GRANT because there is an unblocked path to a GRANT.

Field Summary
protected  org.apache.commons.logging.Log log
           
 
Constructor Summary
AnyUnblockedGrantPermissionPolicy()
           
 
Method Summary
 boolean doesPrincipalHavePermission(IAuthorizationService service, IAuthorizationPrincipal principal, String owner, String activity, String target)
          Answers if the owner has authorized the principal to perform the activity on the target, based on permissions provided by the service.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

protected final org.apache.commons.logging.Log log
Constructor Detail

AnyUnblockedGrantPermissionPolicy

public AnyUnblockedGrantPermissionPolicy()
Method Detail

doesPrincipalHavePermission

public boolean doesPrincipalHavePermission(IAuthorizationService service,
                                           IAuthorizationPrincipal principal,
                                           String owner,
                                           String activity,
                                           String target)
                                    throws AuthorizationException
Description copied from interface: IPermissionPolicy
Answers if the owner has authorized the principal to perform the activity on the target, based on permissions provided by the service. Params service, owner and activity must be non-null.

Specified by:
doesPrincipalHavePermission in interface IPermissionPolicy
Parameters:
service - org.jasig.portal.security.IAuthorizationService
principal - org.jasig.portal.security.IAuthorizationPrincipal
owner - java.lang.String
activity - java.lang.String
target - java.lang.String
Returns:
boolean
Throws:
AuthorizationException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2010 Jasig. All Rights Reserved.