ContextualAuthorizationManager (XWiki Platform - Security

```
@Role
@Unstable
public interface ContextualAuthorizationManager
```
This API is for checking the access rights of current user in the current context. It is aims to replace com.xpn.xwiki.user.api.XWikiRightService. The ContextualAuthorizationManager does not provide any help for authentication. Authentication should have been ensured previously if needed.

Since:

6.1RC1

Version:

$Id: f9e22bcee1e22d7cf6f94ca081475f022886de7a $

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`checkAccess(Right right)` Check if access identified by `right` on the current entity is allowed in the current context.
`void`	`checkAccess(Right right, EntityReference entityReference)` Check if access identified by `right` on the given entity is allowed in the current context.
`boolean`	`hasAccess(Right right)` Verifies if access identified by `right` on the current entity would be allowed in the current context.
`boolean`	`hasAccess(Right right, EntityReference entityReference)` Verifies if access identified by `right` on the given entity would be allowed in the current context.

- Method Detail
  - checkAccess
```
void checkAccess(Right right)
                 throws AccessDeniedException
```
    Check if access identified by right on the current entity is allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used at security checkpoint.
    
    Parameters:
    right - the right needed for execution of the action
    
    Throws:
    
    AccessDeniedException - if the action should be denied, which may also happen when an error occurs
  - hasAccess
```
boolean hasAccess(Right right)
```
    Verifies if access identified by right on the current entity would be allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right) at security checkpoints.
    
    Parameters:
    right - the right to check .
    
    Returns:
    true if the user has the specified right on the entity, false otherwise
  - checkAccess
```
void checkAccess(Right right,
               EntityReference entityReference)
                 throws AccessDeniedException
```
    Check if access identified by right on the given entity is allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used at security checkpoint.
    
    Parameters:
    right - the right needed for execution of the action
    entityReference - the entity on which to check the right
    
    Throws:
    
    AccessDeniedException - if the action should be denied, which may also happen when an error occurs
  - hasAccess
```
boolean hasAccess(Right right,
                EntityReference entityReference)
```
    Verifies if access identified by right on the given entity would be allowed in the current context. The context includes information like the authenticated user, the current macro being executed, the rendering context restriction, the dropping of rights by macro, etc... This function should be used for interface matters, use checkAccess(org.xwiki.security.authorization.Right) at security checkpoints.
    
    Parameters:
    right - the right to check .
    entityReference - the entity on which to check the right
    
    Returns:
    true if the user has the specified right on the entity, false otherwise

Interface ContextualAuthorizationManager

Method Summary

Method Detail

checkAccess

hasAccess

checkAccess

hasAccess