|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.eclipse.emf.emfstore.internal.server.accesscontrol.AccessControlImpl
public class AccessControlImpl
Implementation of an AccessControl
combining authentication and authorization.
Constructor Summary | |
---|---|
AccessControlImpl(ACDAOFacade acDAOFacade)
Default constructor. |
Method Summary | |
---|---|
void |
checkAccess(MethodInvocation op)
Checks whether a given operation may be executed. |
boolean |
checkProjectAdminAccess(SessionId sessionId,
ProjectId projectId)
Check if the session is valid for admin access to the given project. |
boolean |
checkProjectAdminAccess(SessionId sessionId,
ProjectId projectId,
PAPrivileges privileg)
Check if the session is valid for admin access to the given project. |
boolean |
checkProjectAdminAccessForOrgUnit(SessionId sessionId,
ACOrgUnitId orgUnitId)
Check if the session is valid for admin access to the given organizational unit. |
boolean |
checkProjectAdminAccessForOrgUnit(SessionId sessionId,
ACOrgUnitId orgUnitId,
Set<ProjectId> projectIds)
Check if the session is valid for admin access to the given organizational unit. |
void |
checkReadAccess(SessionId sessionId,
ProjectId projectId,
Set<org.eclipse.emf.ecore.EObject> modelElements)
Check if the session may read the given model elements in the project. |
void |
checkServerAdminAccess(SessionId sessionId)
Check if the session is valid for server admin access. |
void |
checkSession(SessionId sessionId)
Check if the given session is valid. |
void |
checkWriteAccess(SessionId sessionId,
ProjectId projectId,
Set<org.eclipse.emf.ecore.EObject> modelElements)
Check if the session may write the given model elements in the project. |
AbstractAuthenticationControl |
getAuthenticationControl()
Returns the authentication control that is currently used by the access control. |
AuthenticationInformation |
logIn(String username,
String password,
ClientVersionInfo clientVersionInfo)
Log in with the given credentials. |
void |
logout(SessionId sessionId)
Log out the session with the given ID. |
SessionId |
resolveSessionById(String sessionId)
Given an session ID as a string, returns the corresponding session, if any. |
ACUser |
resolveUser(ACOrgUnitId id)
This method looks up the orgUnit id the server and returns the relating user. |
ACUser |
resolveUser(SessionId sessionId)
This method looks up the session id on the server and returns the relating user. |
void |
setAuthenticationControl(AbstractAuthenticationControl authenticationControl)
Sets the authentication control to be used by the access control. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public AccessControlImpl(ACDAOFacade acDAOFacade) throws FatalESException
acDAOFacade
- a DAO facade encapsulating different AC related DAOs
FatalESException
- an exceptionMethod Detail |
---|
public AuthenticationInformation logIn(String username, String password, ClientVersionInfo clientVersionInfo) throws AccessControlException
logIn
in interface AccessControl
username
- the username as entered by the clientpassword
- the password as entered by the clientclientVersionInfo
- the version of the client
AuthenticationInformation
holding information
about the logged-in session
AccessControlException
- in case an error occurs during the loginAuthenticationControl.logIn(org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACUser,
java.lang.String, java.lang.String, org.eclipse.emf.emfstore.internal.server.model.ClientVersionInfo)
public void logout(SessionId sessionId) throws AccessControlException
logout
in interface AccessControl
sessionId
- the ID of the session to be logged out
AccessControlException
- in case logout failsAccessControl.logout(org.eclipse.emf.emfstore.internal.server.model.SessionId)
public void checkSession(SessionId sessionId) throws AccessControlException
checkSession
in interface AuthorizationControl
sessionId
- the session id
AccessControlException
- if the session is invalidAuthorizationControl.checkSession(org.eclipse.emf.emfstore.internal.server.model.SessionId)
public void checkWriteAccess(SessionId sessionId, ProjectId projectId, Set<org.eclipse.emf.ecore.EObject> modelElements) throws AccessControlException
checkWriteAccess
in interface AuthorizationControl
sessionId
- session idprojectId
- project idmodelElements
- a set of model elements
AccessControlException
- if the session may not write any of the model elementsAuthorizationControl.checkWriteAccess(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.ProjectId, java.util.Set)
public void checkReadAccess(SessionId sessionId, ProjectId projectId, Set<org.eclipse.emf.ecore.EObject> modelElements) throws AccessControlException
checkReadAccess
in interface AuthorizationControl
sessionId
- session idprojectId
- project idmodelElements
- a set of model elements
AccessControlException
- if the session may not read any of the model elementsAuthorizationControl.checkReadAccess(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.ProjectId, java.util.Set)
public boolean checkProjectAdminAccess(SessionId sessionId, ProjectId projectId, PAPrivileges privileg) throws AccessControlException
checkProjectAdminAccess
in interface AuthorizationControl
sessionId
- the session idprojectId
- the project id. May be null
privileg
- the PAPrivileges
to be checked
true
, if permission is granted via the server admin role, false
otherwise
AccessControlException
- if the session is invalid for admin accessAuthorizationControl.checkProjectAdminAccess(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.ProjectId)
public boolean checkProjectAdminAccessForOrgUnit(SessionId sessionId, ACOrgUnitId orgUnitId) throws AccessControlException
checkProjectAdminAccessForOrgUnit
in interface AuthorizationControl
sessionId
- the session idorgUnitId
- the ID of an organizational unit
true
, if permission is granted via the server admin role, false
otherwise
AccessControlException
- if the session is invalid for admin accessAuthorizationControl.checkProjectAdminAccessForOrgUnit(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACOrgUnitId)
public boolean checkProjectAdminAccessForOrgUnit(SessionId sessionId, ACOrgUnitId orgUnitId, Set<ProjectId> projectIds) throws AccessControlException
checkProjectAdminAccessForOrgUnit
in interface AuthorizationControl
sessionId
- the session idorgUnitId
- the ID of an organizational unitprojectIds
- the set of ProjectId
s for which to check access for
true
, if permission is granted via the server admin role, false
otherwise
AccessControlException
- if the session is invalid for admin accessAuthorizationControl.checkProjectAdminAccessForOrgUnit(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACOrgUnitId, java.util.Set)
public boolean checkProjectAdminAccess(SessionId sessionId, ProjectId projectId) throws AccessControlException
checkProjectAdminAccess
in interface AuthorizationControl
sessionId
- the session idprojectId
- the project id. May be null
true
, if permission is granted via the server admin role, false
otherwise
AccessControlException
- if the session is invalid for admin accessAuthorizationControl.checkProjectAdminAccess(org.eclipse.emf.emfstore.internal.server.model.SessionId,
org.eclipse.emf.emfstore.internal.server.model.ProjectId)
public void checkServerAdminAccess(SessionId sessionId) throws AccessControlException
checkServerAdminAccess
in interface AuthorizationControl
sessionId
- the session id
AccessControlException
- if the session is invalid for server admin accessAuthorizationControl.checkServerAdminAccess(org.eclipse.emf.emfstore.internal.server.model.SessionId)
public ACUser resolveUser(SessionId sessionId) throws AccessControlException
resolveUser
in interface AuthorizationControl
sessionId
- session id
AccessControlException
- exceptionpublic ACUser resolveUser(ACOrgUnitId id) throws AccessControlException
resolveUser
in interface AuthorizationControl
id
- OrgUnit id
AccessControlException
- exceptionpublic void checkAccess(MethodInvocation op) throws AccessControlException
checkAccess
in interface AuthorizationControl
op
- the operation the user intends to execute
AccessControlException
- in case access is deniedAuthorizationControl.checkAccess(org.eclipse.emf.emfstore.internal.server.core.MethodInvocation)
public AbstractAuthenticationControl getAuthenticationControl()
public void setAuthenticationControl(AbstractAuthenticationControl authenticationControl)
setAuthenticationControl
in interface AccessControl
authenticationControl
- the authentication control to be usedpublic SessionId resolveSessionById(String sessionId)
resolveSessionById
in interface AuthorizationControl
sessionId
- the session ID to be resolved
AuthorizationControl.resolveSessionById(java.lang.String)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |