com.haulmont.cuba.core.global

Interface Security

All Known Subinterfaces:

PersistenceSecurity

All Known Implementing Classes:

PersistenceSecurityImpl, SecurityImpl, TestSecurity

public interface Security

Infrastructure interface providing methods to check permissions of the current user.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	NAME

Method Summary

Modifier and Type	Method and Description
void	checkSpecificPermission(java.lang.String name) Check if current user has a specific permission.
java.lang.Object	evaluateConstraintScript(Entity entity, java.lang.String groovyScript)
boolean	hasConstraints(MetaClass metaClass) Check if there are registered constraints for the metaClass or it's original metaClass
boolean	hasInMemoryConstraints(MetaClass metaClass, ConstraintOperationType... operationTypes) Check if there are registered memory constraints of specified operationTypes for the metaClass or it's original metaClass
boolean	isEntityAttrPermitted(java.lang.Class<?> entityClass, java.lang.String property, EntityAttrAccess access) Check if current user has permission to an entity attribute.
boolean	isEntityAttrPermitted(MetaClass metaClass, java.lang.String property, EntityAttrAccess access) Check if current user has permission to an entity attribute.
boolean	isEntityAttrReadPermitted(MetaClass metaClass, java.lang.String propertyPath) Check if current user can read an entity attribute which is the last part of the path given.
boolean	isEntityAttrReadPermitted(MetaPropertyPath propertyPath) Check if current user can read an entity attribute which is the last part of the path given.
boolean	isEntityAttrUpdatePermitted(MetaClass metaClass, java.lang.String propertyPath) Check if current user can modify an entity attribute which is the last part of the path given.
boolean	isEntityAttrUpdatePermitted(MetaPropertyPath propertyPath) Check if current user can modify an entity attribute which is the last part of the path given.
boolean	isEntityOpPermitted(java.lang.Class<?> entityClass, EntityOp entityOp) Check if current user has permission to execute an entity operation.
boolean	isEntityOpPermitted(MetaClass metaClass, EntityOp entityOp) Check if current user has permission to execute an entity operation.
boolean	isPermitted(Entity entity, ConstraintOperationType operationType) Check if the operation type is permitted for the entity
boolean	isPermitted(Entity entity, java.lang.String customCode) Check the special constraint permission for the entity
boolean	isScreenPermitted(java.lang.String windowAlias) Check if current user has permission to open a screen.
boolean	isSpecificPermitted(java.lang.String name) Check if current user has a specific permission.

Field Detail

NAME

static final java.lang.String NAME

See Also:

Constant Field Values

Method Detail

isScreenPermitted

boolean isScreenPermitted(java.lang.String windowAlias)

Check if current user has permission to open a screen.

Parameters:

windowAlias - screen id as registered in screens.xml

isEntityOpPermitted

boolean isEntityOpPermitted(MetaClass metaClass,
                            EntityOp entityOp)

Check if current user has permission to execute an entity operation.
Takes into account original metaclass of entity.

Parameters:

metaClass - entity meta-class

entityOp - operation

isEntityOpPermitted

boolean isEntityOpPermitted(java.lang.Class<?> entityClass,
                            EntityOp entityOp)

Check if current user has permission to execute an entity operation.
Takes into account original metaclass of entity.

Parameters:

entityClass - entity class

entityOp - operation

isEntityAttrPermitted

boolean isEntityAttrPermitted(MetaClass metaClass,
                              java.lang.String property,
                              EntityAttrAccess access)

Check if current user has permission to an entity attribute.
Takes into account original metaclass of entity.

Parameters:

metaClass - entity meta-class

property - entity attribute name

access - required access

isEntityAttrPermitted

boolean isEntityAttrPermitted(java.lang.Class<?> entityClass,
                              java.lang.String property,
                              EntityAttrAccess access)

Check if current user has permission to an entity attribute.
Takes into account original metaclass of entity.

Parameters:

entityClass - entity class

property - entity attribute name

access - required access

isEntityAttrUpdatePermitted

boolean isEntityAttrUpdatePermitted(MetaClass metaClass,
                                    java.lang.String propertyPath)

Check if current user can modify an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.CREATE or EntityOp.UPDATE on the whole entity which the attribute belongs to
• EntityAttrAccess.MODIFY on the attribute

Takes into account original metaclass of entity.

Parameters:

metaClass - entity meta class

propertyPath - entity attribute path

isEntityAttrUpdatePermitted

boolean isEntityAttrUpdatePermitted(MetaPropertyPath propertyPath)

Check if current user can modify an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.CREATE or EntityOp.UPDATE on the whole entity which the attribute belongs to
• EntityAttrAccess.MODIFY on the attribute

Takes into account original metaclass of entity.

Parameters:

propertyPath - entity attribute path

isEntityAttrReadPermitted

boolean isEntityAttrReadPermitted(MetaPropertyPath propertyPath)

Check if current user can read an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.READ on the whole entity which the attribute belongs to
• EntityAttrAccess.VIEW on the attribute

Takes into account original metaclass of entity.

Parameters:

propertyPath - entity attribute path

isEntityAttrReadPermitted

boolean isEntityAttrReadPermitted(MetaClass metaClass,
                                  java.lang.String propertyPath)

Check if current user can read an entity attribute which is the last part of the path given. It means that he has the following permissions:

• EntityOp.READ on the whole entity which the attribute belongs to
• EntityAttrAccess.VIEW on the attribute

Takes into account original metaclass of entity.

Parameters:

metaClass - entity meta class

propertyPath - entity attribute path

isSpecificPermitted

boolean isSpecificPermitted(java.lang.String name)

Check if current user has a specific permission.

Parameters:

name - specific permission id

checkSpecificPermission

void checkSpecificPermission(java.lang.String name)

Check if current user has a specific permission.

Parameters:

name - specific permission id

Throws:

AccessDeniedException - if the user has no specified permission

isPermitted

boolean isPermitted(Entity entity,
                    ConstraintOperationType operationType)

Check if the operation type is permitted for the entity

isPermitted

boolean isPermitted(Entity entity,
                    java.lang.String customCode)

Check the special constraint permission for the entity

hasConstraints

boolean hasConstraints(MetaClass metaClass)

Check if there are registered constraints for the metaClass or it's original metaClass

hasInMemoryConstraints

boolean hasInMemoryConstraints(MetaClass metaClass,
                               ConstraintOperationType... operationTypes)

Check if there are registered memory constraints of specified operationTypes for the metaClass or it's original metaClass

evaluateConstraintScript

java.lang.Object evaluateConstraintScript(Entity entity,
                                          java.lang.String groovyScript)