com.haulmont.cuba.core.sys

Class SecurityImpl

java.lang.Object

com.haulmont.cuba.core.sys.SecurityImpl

All Implemented Interfaces:

Security

Direct Known Subclasses:

PersistenceSecurityImpl, TestSecurity

@Component(value="cuba_Security")
public class SecurityImpl
extends java.lang.Object
implements Security

Field Summary

Fields

Modifier and Type	Field and Description
protected ExtendedEntities	extendedEntities
protected Metadata	metadata
protected MetadataTools	metadataTools
protected Scripting	scripting
protected UserSessionSource	userSessionSource

Fields inherited from interface com.haulmont.cuba.core.global.Security

NAME

Constructor Summary

Constructors

Constructor and Description
SecurityImpl()

Method Summary

Modifier and Type	Method and Description
void	checkSpecificPermission(java.lang.String name) Check if current user has a specific permission.
java.lang.Object	evaluateConstraintScript(Entity entity, java.lang.String groovyScript)
protected void	fillGroovyConstraintsContext(java.util.Map<java.lang.String,java.lang.Object> context) Override if you need specific context variables in Groovy constraints.
protected java.util.List<ConstraintData>	getConstraints(com.haulmont.chile.core.model.MetaClass metaClass)
protected java.util.List<ConstraintData>	getConstraints(com.haulmont.chile.core.model.MetaClass metaClass, java.util.function.Predicate<ConstraintData> predicate)
boolean	hasConstraints(com.haulmont.chile.core.model.MetaClass metaClass) Check if there are registered constraints for the metaClass or it's original metaClass
boolean	hasInMemoryConstraints(com.haulmont.chile.core.model.MetaClass metaClass, ConstraintOperationType... operationTypes) Check if there are registered memory constraints of specified operationTypes for the metaClass or it's original metaClass
boolean	isEntityAttrPermitted(java.lang.Class<?> entityClass, java.lang.String property, EntityAttrAccess access) Check if current user has permission to an entity attribute.
protected boolean	isEntityAttrPermitted(com.haulmont.chile.core.model.MetaClass metaClass, com.haulmont.chile.core.model.MetaPropertyPath propertyPath, EntityAttrAccess access)
boolean	isEntityAttrPermitted(com.haulmont.chile.core.model.MetaClass metaClass, java.lang.String property, EntityAttrAccess access) Check if current user has permission to an entity attribute.
boolean	isEntityAttrReadPermitted(com.haulmont.chile.core.model.MetaClass metaClass, java.lang.String propertyPath) Check if current user can read an entity attribute which is the last part of the path given.
boolean	isEntityAttrReadPermitted(com.haulmont.chile.core.model.MetaPropertyPath mpp) Check if current user can read an entity attribute which is the last part of the path given.
boolean	isEntityAttrUpdatePermitted(com.haulmont.chile.core.model.MetaClass metaClass, java.lang.String propertyPath) Check if current user can modify an entity attribute which is the last part of the path given.
boolean	isEntityAttrUpdatePermitted(com.haulmont.chile.core.model.MetaPropertyPath mpp) Check if current user can modify an entity attribute which is the last part of the path given.
boolean	isEntityOpPermitted(java.lang.Class<?> entityClass, EntityOp entityOp) Check if current user has permission to execute an entity operation.
boolean	isEntityOpPermitted(com.haulmont.chile.core.model.MetaClass metaClass, EntityOp entityOp) Check if current user has permission to execute an entity operation.
protected boolean	isPermitted(Entity entity, ConstraintData constraint)
boolean	isPermitted(Entity entity, ConstraintOperationType targetOperationType) Check if the operation type is permitted for the entity
protected boolean	isPermitted(Entity entity, java.util.function.Predicate<ConstraintData> predicate)
boolean	isPermitted(Entity entity, java.lang.String customCode) Check the special constraint permission for the entity
boolean	isScreenPermitted(java.lang.String windowAlias) Check if current user has permission to open a screen.
boolean	isSpecificPermitted(java.lang.String name) Check if current user has a specific permission.
protected java.lang.Object	parseValue(java.lang.Class<?> clazz, java.lang.String string)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

userSessionSource

@Inject
protected UserSessionSource userSessionSource

metadata

@Inject
protected Metadata metadata

metadataTools

@Inject
protected MetadataTools metadataTools

extendedEntities

@Inject
protected ExtendedEntities extendedEntities

scripting

@Inject
protected Scripting scripting

Constructor Detail

SecurityImpl

public SecurityImpl()

Method Detail

isScreenPermitted

public boolean isScreenPermitted(java.lang.String windowAlias)

Description copied from interface: Security

Check if current user has permission to open a screen.

Specified by:

isScreenPermitted in interface Security

Parameters:

windowAlias - screen id as registered in screens.xml

isEntityOpPermitted

public boolean isEntityOpPermitted(com.haulmont.chile.core.model.MetaClass metaClass,
                                   EntityOp entityOp)

Description copied from interface: Security

Check if current user has permission to execute an entity operation.
Takes into account original metaclass of entity.

Specified by:

isEntityOpPermitted in interface Security

Parameters:

metaClass - entity meta-class

entityOp - operation

isEntityOpPermitted

public boolean isEntityOpPermitted(java.lang.Class<?> entityClass,
                                   EntityOp entityOp)

Description copied from interface: Security

Check if current user has permission to execute an entity operation.
Takes into account original metaclass of entity.

Specified by:

isEntityOpPermitted in interface Security

Parameters:

entityClass - entity class

entityOp - operation

isEntityAttrPermitted

public boolean isEntityAttrPermitted(com.haulmont.chile.core.model.MetaClass metaClass,
                                     java.lang.String property,
                                     EntityAttrAccess access)

Description copied from interface: Security

Check if current user has permission to an entity attribute.
Takes into account original metaclass of entity.

Specified by:

isEntityAttrPermitted in interface Security

Parameters:

metaClass - entity meta-class

property - entity attribute name

access - required access

isEntityAttrPermitted

public boolean isEntityAttrPermitted(java.lang.Class<?> entityClass,
                                     java.lang.String property,
                                     EntityAttrAccess access)

Description copied from interface: Security

Check if current user has permission to an entity attribute.
Takes into account original metaclass of entity.

Specified by:

isEntityAttrPermitted in interface Security

Parameters:

entityClass - entity class

property - entity attribute name

access - required access

isEntityAttrReadPermitted

public boolean isEntityAttrReadPermitted(com.haulmont.chile.core.model.MetaClass metaClass,
                                         java.lang.String propertyPath)

Description copied from interface: Security

Check if current user can read an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.READ on the whole entity which the attribute belongs to
• EntityAttrAccess.VIEW on the attribute

Takes into account original metaclass of entity.

Specified by:

isEntityAttrReadPermitted in interface Security

Parameters:

metaClass - entity meta class

propertyPath - entity attribute path

isEntityAttrUpdatePermitted

public boolean isEntityAttrUpdatePermitted(com.haulmont.chile.core.model.MetaClass metaClass,
                                           java.lang.String propertyPath)

Description copied from interface: Security

Check if current user can modify an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.CREATE or EntityOp.UPDATE on the whole entity which the attribute belongs to
• EntityAttrAccess.MODIFY on the attribute

Takes into account original metaclass of entity.

Specified by:

isEntityAttrUpdatePermitted in interface Security

Parameters:

metaClass - entity meta class

propertyPath - entity attribute path

isSpecificPermitted

public boolean isSpecificPermitted(java.lang.String name)

Description copied from interface: Security

Check if current user has a specific permission.

Specified by:

isSpecificPermitted in interface Security

Parameters:

name - specific permission id

checkSpecificPermission

public void checkSpecificPermission(java.lang.String name)

Description copied from interface: Security

Check if current user has a specific permission.

Specified by:

checkSpecificPermission in interface Security

Parameters:

name - specific permission id

isEntityAttrReadPermitted

public boolean isEntityAttrReadPermitted(com.haulmont.chile.core.model.MetaPropertyPath mpp)

Description copied from interface: Security

Check if current user can read an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.READ on the whole entity which the attribute belongs to
• EntityAttrAccess.VIEW on the attribute

Takes into account original metaclass of entity.

Specified by:

isEntityAttrReadPermitted in interface Security

Parameters:

mpp - entity attribute path

isEntityAttrPermitted

protected boolean isEntityAttrPermitted(com.haulmont.chile.core.model.MetaClass metaClass,
                                        com.haulmont.chile.core.model.MetaPropertyPath propertyPath,
                                        EntityAttrAccess access)

isEntityAttrUpdatePermitted

public boolean isEntityAttrUpdatePermitted(com.haulmont.chile.core.model.MetaPropertyPath mpp)

Description copied from interface: Security

Check if current user can modify an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.CREATE or EntityOp.UPDATE on the whole entity which the attribute belongs to
• EntityAttrAccess.MODIFY on the attribute

Takes into account original metaclass of entity.

Specified by:

isEntityAttrUpdatePermitted in interface Security

Parameters:

mpp - entity attribute path

isPermitted

public boolean isPermitted(Entity entity,
                           ConstraintOperationType targetOperationType)

Description copied from interface: Security

Check if the operation type is permitted for the entity

Specified by:

isPermitted in interface Security

isPermitted

public boolean isPermitted(Entity entity,
                           java.lang.String customCode)

Description copied from interface: Security

Check the special constraint permission for the entity

Specified by:

isPermitted in interface Security

hasConstraints

public boolean hasConstraints(com.haulmont.chile.core.model.MetaClass metaClass)

Description copied from interface: Security

Check if there are registered constraints for the metaClass or it's original metaClass

Specified by:

hasConstraints in interface Security

hasInMemoryConstraints

public boolean hasInMemoryConstraints(com.haulmont.chile.core.model.MetaClass metaClass,
                                      ConstraintOperationType... operationTypes)

Description copied from interface: Security

Check if there are registered memory constraints of specified operationTypes for the metaClass or it's original metaClass

Specified by:

hasInMemoryConstraints in interface Security

getConstraints

protected java.util.List<ConstraintData> getConstraints(com.haulmont.chile.core.model.MetaClass metaClass,
                                                        java.util.function.Predicate<ConstraintData> predicate)

getConstraints

protected java.util.List<ConstraintData> getConstraints(com.haulmont.chile.core.model.MetaClass metaClass)

isPermitted

protected boolean isPermitted(Entity entity,
                              java.util.function.Predicate<ConstraintData> predicate)

isPermitted

protected boolean isPermitted(Entity entity,
                              ConstraintData constraint)

evaluateConstraintScript

public java.lang.Object evaluateConstraintScript(Entity entity,
                                                 java.lang.String groovyScript)

Specified by:

evaluateConstraintScript in interface Security

fillGroovyConstraintsContext

protected void fillGroovyConstraintsContext(java.util.Map<java.lang.String,java.lang.Object> context)

Override if you need specific context variables in Groovy constraints.

Parameters:

context - passed to Groovy evaluator

parseValue

protected java.lang.Object parseValue(java.lang.Class<?> clazz,
                                      java.lang.String string)