public interface IAuthorizationService
| Modifier and Type | Interface and Description |
|---|---|
static class |
IAuthorizationService.AuthState |
| Modifier and Type | Method and Description |
|---|---|
Collection<Authorization> |
getAuthorizationsForUser(String authorizableId,
User user)
Get the
Authorizations granted to a user. |
List<Authorization> |
getInOrderOfRestriction(Collection<Authorization> userAuthsForFeature,
boolean leastRestrictiveToMost)
When confronted with multiple Authorizations return a new List of
Authorization.Max weight, i.e. |
Authorization |
getLeastRestrictive(Collection<Authorization> userAuthsForFeature)
When confronted with multiple Authorizations return the least restrictive
Authorization |
Authorization |
getMostRestrictive(Collection<Authorization> userAuthsForFeature)
When confronted with multiple Authorizations return the most restrictive
Authorization |
<R extends Role> |
getRoleService()
|
IAuthorizationService.AuthState |
isAuthorized(Authorization featureRequiredAuth,
Collection<Authorization> userAuthsForFeature)
|
IAuthorizationService.AuthState |
isAuthorized(Collection<Authorization> featureRequiredAuths,
Collection<Authorization> userAuthsForFeature)
Authorize the
Users Authorizations against the Authorizations required by the feature.This is completely left to implementation as a general rule the user must satisfy one of the roles demanded by the feature (but some implementation may choose to upset this rule if required) |
IAuthorizationService.AuthState isAuthorized(Collection<Authorization> featureRequiredAuths, Collection<Authorization> userAuthsForFeature)
Users Authorizations against the Authorizations required by the feature.featureRequiredAuths - as Collection of Authorization @nullable trueuserAuthsForFeature - as Collection of Authorization @nullable trueIAuthorizationService.AuthStateIAuthorizationService.AuthState isAuthorized(Authorization featureRequiredAuth, Collection<Authorization> userAuthsForFeature)
featureRequiredAuth - @nullable trueuserAuthsForFeature - as Collection of Authorization @nullable trueIAuthorizationService.AuthStateAuthorization getMostRestrictive(Collection<Authorization> userAuthsForFeature)
AuthorizationuserAuthsForFeature - as Collection of Authorization @nullable trueAuthorization @nullable true if none foundAuthorization getLeastRestrictive(Collection<Authorization> userAuthsForFeature)
AuthorizationuserAuthsForFeature - as Collection of Authorization @nullable trueAuthorization @nullable true if none foundList<Authorization> getInOrderOfRestriction(Collection<Authorization> userAuthsForFeature, boolean leastRestrictiveToMost)
Authorization.userAuthsForFeature - as Collection of Authorization @nullable trueleastRestrictiveToMost - as boolean. If true Least restrictive element will be first and most restrictive, the last.Collection<Authorization> getAuthorizationsForUser(String authorizableId, User user)
Authorizations granted to a user. If User.getRoleNames() is not empty then append them.
Authorizations are determined at runtime, while direct auths are setup from the User object directly. This implis
that if we change a Role, then those changes will impact the user @ runtime and will be dynamic.authorizableId - as String , which can be derived from any Authorizable.getAuthorizableId(). Example(s): IModuleAware or MountModuleUI or a simple Authorizable entity.user - as UserCollection of Authorization<R extends Role> RoleService<R> getRoleService()
Copyright © 2018. All rights reserved.