com.neurosys.amorphous.service.jaxrs

Class AuthorizableSecurableService

java.lang.Object

com.neurosys.amorphous.service.jaxrs.AnyWebService

com.neurosys.amorphous.service.jaxrs.SecurableService

com.neurosys.amorphous.service.jaxrs.AuthorizableSecurableService

All Implemented Interfaces:

Authorizable

Direct Known Subclasses:

SiteAuthorizableSecurableService, UserLookupService

public abstract class AuthorizableSecurableService
extends SecurableService
implements Authorizable

A service that allows SecurableService to be Authorizablealso.

Author:

Arjun Dhar

Field Summary

Fields inherited from class com.neurosys.amorphous.service.jaxrs.AnyWebService

applicationContext, CACHE, NO_CACHE, request, response

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AuthorizableSecurableService(boolean checkAuthFiltered)

Method Summary

Modifier and Type	Method and Description
protected void	filter(Authorizable authorizable) Authorization filter for User By default there is no additional Authorization check; however one is encouraged to override this and check the User in the request for any additional authorizations.
String	getAuthorizableId() Every Authorizable entity should specify its key/id so that the Calling API knows which Set of Authorizations to match with
protected abstract IAuthorizationService	getAuthorizableService() Define an AuthorizationService
Collection<Authorization>	getAuthorizations() Authorizations needed to access this service
protected abstract User	getUser(javax.servlet.http.HttpServletRequest request) Get User for the current HttpServletRequest
void	setAuthorizableId(String authorizableId)
void	setAuthorizations(Collection<Authorization> authorizations) Authorizations needed to access this service

Methods inherited from class com.neurosys.amorphous.service.jaxrs.SecurableService

checkAuthFilterInvoked, query

Methods inherited from class com.neurosys.amorphous.service.jaxrs.AnyWebService

filter, getCacheDef, getTestString, query

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.neurosys.security.auth.domain.Authorizable

getAuthorizableIdAssignable

Constructor Detail

AuthorizableSecurableService

protected AuthorizableSecurableService(boolean checkAuthFiltered)

Method Detail

getUser

protected abstract User getUser(javax.servlet.http.HttpServletRequest request)

Get User for the current HttpServletRequest

Parameters:

request - as HttpServletRequest

Returns:

User

getAuthorizableService

protected abstract IAuthorizationService getAuthorizableService()

Define an AuthorizationService

filter

protected void filter(Authorizable authorizable)
               throws org.springframework.security.access.AuthorizationServiceException

Authorization filter for User
By default there is no additional Authorization check; however one is encouraged to override this and check the User in the request for any additional authorizations.

Overrides:

filter in class SecurableService

Throws:

org.springframework.security.access.AuthorizationServiceException - if user not Authorized for the Service

getAuthorizations

public Collection<Authorization> getAuthorizations()

Authorizations needed to access this service

Specified by:

getAuthorizations in interface Authorizable

setAuthorizations

public void setAuthorizations(Collection<Authorization> authorizations)

Authorizations needed to access this service

Specified by:

setAuthorizations in interface Authorizable

getAuthorizableId

public String getAuthorizableId()

Description copied from interface: Authorizable

Every Authorizable entity should specify its key/id so that the Calling API knows which Set of Authorizations to match with

Specified by:

getAuthorizableId in interface Authorizable

Returns:

String

setAuthorizableId

public void setAuthorizableId(String authorizableId)

Specified by:

setAuthorizableId in interface Authorizable