com.haulmont.cuba.security.app.role

Class RolesServiceBean

java.lang.Object

com.haulmont.cuba.security.app.role.RolesServiceBean

All Implemented Interfaces:

RolesService

@Service(value="cuba_RolesService")
public class RolesServiceBean
extends java.lang.Object
implements RolesService

Field Summary

Fields

Modifier and Type	Field and Description
protected DataManager	dataManager
protected EntityStates	entityStates
protected GlobalConfig	globalConfig
protected org.slf4j.Logger	log
protected Metadata	metadata
protected PersistenceSecurity	persistenceSecurity
protected PredefinedRoleDefinitionRepository	predefinedRoleDefinitionRepository
protected RolesHelper	rolesHelper
protected ServerConfig	serverConfig

Fields inherited from interface com.haulmont.cuba.security.role.RolesService

NAME

Constructor Summary

Constructors

Constructor and Description
RolesServiceBean()

Method Summary

Modifier and Type	Method and Description
java.util.Collection<Role>	getAllRoles() Returns a collection of all roles (Role objects) available in the application (SecurityStorageMode is taken into account).
java.util.Collection<Role>	getDefaultRoles() Returns all roles marked as default (both from the database and from the source code).
java.util.Collection<Permission>	getPermissions(java.lang.String predefinedRoleName, PermissionType permissionType) Finds a predefined role definition by the name and builds a collection of Permission objects that has a given permissionType.
Access	getPermissionUndefinedAccessPolicy() Returns a policy for resolving permission values that are not explicitly defined in roles.
Role	getRoleDefinitionAndTransformToRole(java.lang.String roleDefinitionName) Finds the predefined role definition by the name and converts it to the Role object.
RoleDefinition	getRoleDefinitionByName(java.lang.String name)
java.util.Collection<RoleDefinition>	getRoleDefinitionsForUser(User user) Returns a collection of RoleDefinition objects assigned to the User.
java.util.Collection<Role>	getRolesForUser(User user) Returns a collection of Role objects assigned to the User.
int	getRolesPolicyVersion() Returns the roles policy version.
boolean	isRoleStorageMixedMode()
Role	transformToRole(RoleDefinition roleDefinition, RoleTransformationOption... transformationOptions) Transforms the given roleDefinition to the Role object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

dataManager

@Inject
protected DataManager dataManager

globalConfig

@Inject
protected GlobalConfig globalConfig

persistenceSecurity

@Inject
protected PersistenceSecurity persistenceSecurity

log

@Inject
protected org.slf4j.Logger log

serverConfig

@Inject
protected ServerConfig serverConfig

predefinedRoleDefinitionRepository

@Inject
protected PredefinedRoleDefinitionRepository predefinedRoleDefinitionRepository

metadata

@Inject
protected Metadata metadata

rolesHelper

@Inject
protected RolesHelper rolesHelper

entityStates

@Inject
protected EntityStates entityStates

Constructor Detail

RolesServiceBean

public RolesServiceBean()

Method Detail

getAllRoles

public java.util.Collection<Role> getAllRoles()

Description copied from interface: RolesService

Returns a collection of all roles (Role objects) available in the application (SecurityStorageMode is taken into account). If there are predefined roles (RoleDefinition objects in the source code), they will be converted to Role and will also be returned in the result collection. The resulting roles permissions collections are not filled.

Specified by:

getAllRoles in interface RolesService

Returns:

list of all roles (Role objects) available in the application.

getRoleDefinitionByName

@Nullable
public RoleDefinition getRoleDefinitionByName(java.lang.String name)

Specified by:

getRoleDefinitionByName in interface RolesService

getRoleDefinitionAndTransformToRole

public Role getRoleDefinitionAndTransformToRole(java.lang.String roleDefinitionName)

Description copied from interface: RolesService

Finds the predefined role definition by the name and converts it to the Role object.

Specified by:

getRoleDefinitionAndTransformToRole in interface RolesService

Parameters:

roleDefinitionName - name of a predefined role

Returns:

Role object that contains all permissions of a predefined role or null if role definition is not found.

isRoleStorageMixedMode

public boolean isRoleStorageMixedMode()

Specified by:

isRoleStorageMixedMode in interface RolesService

Returns:

true if roles are stored in a source code and in a database, false otherwise. See SecurityStorageMode

getDefaultRoles

public java.util.Collection<Role> getDefaultRoles()

Description copied from interface: RolesService

Returns all roles marked as default (both from the database and from the source code).

Specified by:

getDefaultRoles in interface RolesService

transformToRole

public Role transformToRole(RoleDefinition roleDefinition,
                            RoleTransformationOption... transformationOptions)

Description copied from interface: RolesService

Transforms the given roleDefinition to the Role object. By default, all permissions will also be transformed, if you don't need them in the resulting role, use the RoleTransformationOption.DO_NOT_INCLUDE_PERMISSIONS option.

Specified by:

transformToRole in interface RolesService

getPermissions

public java.util.Collection<Permission> getPermissions(java.lang.String predefinedRoleName,
                                                       PermissionType permissionType)

Description copied from interface: RolesService

Finds a predefined role definition by the name and builds a collection of Permission objects that has a given permissionType.

Specified by:

getPermissions in interface RolesService

Parameters:

predefinedRoleName - name of a predefined role

permissionType - type of permissions that should be returned

Returns:

collection of Permission objects or an empty collection if the predefined role doesn't exist

getRolesForUser

public java.util.Collection<Role> getRolesForUser(User user)

Description copied from interface: RolesService

Returns a collection of Role objects assigned to the User. If the user role is associated with a predefined role definition, the predefined role will be converted to the Role

Specified by:

getRolesForUser in interface RolesService

Returns:

collection of Role objects

getRoleDefinitionsForUser

public java.util.Collection<RoleDefinition> getRoleDefinitionsForUser(User user)

Description copied from interface: RolesService

Returns a collection of RoleDefinition objects assigned to the User. If the user role is associated with the database role, the database role will be converted to the RoleDefinition

Specified by:

getRoleDefinitionsForUser in interface RolesService

Returns:

collection of RoleDefinition objects

getPermissionUndefinedAccessPolicy

public Access getPermissionUndefinedAccessPolicy()

Description copied from interface: RolesService

Returns a policy for resolving permission values that are not explicitly defined in roles. For roles policy v1 RolesService.getRolesPolicyVersion() if a role doesn't define any explicit permission then this target is allowed, for policy v2 the undefined permission is denied.

Specified by:

getPermissionUndefinedAccessPolicy in interface RolesService

getRolesPolicyVersion

public int getRolesPolicyVersion()

Description copied from interface: RolesService

Returns the roles policy version.

• 1 - Security implementation used before CUBA 7.2: undefined permissions are resolved to allowed, roles types are used
• 2 - New roles resolving implementation introduced in CUBA 7.2: undefined permissions are resolved to denied, the only possible permission is ALLOW (user cannot select DENY), design-time roles can be used

Specified by:

getRolesPolicyVersion in interface RolesService