com.haulmont.cuba.security.role

Interface RolesService

All Known Implementing Classes:

RolesServiceBean

public interface RolesService

Helps to work with predefined roles in the user interface.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	NAME

Method Summary

Modifier and Type	Method and Description
java.util.Collection<Role>	getAllRoles() Returns a collection of all roles (Role objects) available in the application (SecurityStorageMode is taken into account).
java.util.Collection<Role>	getDefaultRoles() Returns all roles marked as default (both from the database and from the source code).
java.util.Collection<Permission>	getPermissions(java.lang.String predefinedRoleName, PermissionType permissionType) Finds a predefined role definition by the name and builds a collection of Permission objects that has a given permissionType.
Access	getPermissionUndefinedAccessPolicy() Returns a policy for resolving permission values that are not explicitly defined in roles.
Role	getRoleDefinitionAndTransformToRole(java.lang.String roleDefinitionName) Finds the predefined role definition by the name and converts it to the Role object.
RoleDefinition	getRoleDefinitionByName(java.lang.String name)
java.util.Collection<RoleDefinition>	getRoleDefinitionsForUser(User user) Returns a collection of RoleDefinition objects assigned to the User.
java.util.Collection<Role>	getRolesForUser(User user) Returns a collection of Role objects assigned to the User.
int	getRolesPolicyVersion() Returns the roles policy version.
boolean	isRoleStorageMixedMode()
Role	transformToRole(RoleDefinition roleDefinition, RoleTransformationOption... transformationOptions) Transforms the given roleDefinition to the Role object.

Field Detail

NAME

static final java.lang.String NAME

See Also:

Constant Field Values

Method Detail

getAllRoles

java.util.Collection<Role> getAllRoles()

Returns a collection of all roles (Role objects) available in the application (SecurityStorageMode is taken into account). If there are predefined roles (RoleDefinition objects in the source code), they will be converted to Role and will also be returned in the result collection. The resulting roles permissions collections are not filled.

Returns:

list of all roles (Role objects) available in the application.

getRoleDefinitionByName

@Nullable
RoleDefinition getRoleDefinitionByName(java.lang.String name)

getRoleDefinitionAndTransformToRole

@Nullable
Role getRoleDefinitionAndTransformToRole(java.lang.String roleDefinitionName)

Finds the predefined role definition by the name and converts it to the Role object.

Parameters:

roleDefinitionName - name of a predefined role

Returns:

Role object that contains all permissions of a predefined role or null if role definition is not found.

transformToRole

Role transformToRole(RoleDefinition roleDefinition,
                     RoleTransformationOption... transformationOptions)

Transforms the given roleDefinition to the Role object. By default, all permissions will also be transformed, if you don't need them in the resulting role, use the RoleTransformationOption.DO_NOT_INCLUDE_PERMISSIONS option.

getPermissions

java.util.Collection<Permission> getPermissions(java.lang.String predefinedRoleName,
                                                PermissionType permissionType)

Finds a predefined role definition by the name and builds a collection of Permission objects that has a given permissionType.

Parameters:

predefinedRoleName - name of a predefined role

permissionType - type of permissions that should be returned

Returns:

collection of Permission objects or an empty collection if the predefined role doesn't exist

isRoleStorageMixedMode

boolean isRoleStorageMixedMode()

Returns:

true if roles are stored in a source code and in a database, false otherwise. See SecurityStorageMode

getDefaultRoles

java.util.Collection<Role> getDefaultRoles()

Returns all roles marked as default (both from the database and from the source code).

getRolesForUser

java.util.Collection<Role> getRolesForUser(User user)

Returns a collection of Role objects assigned to the User. If the user role is associated with a predefined role definition, the predefined role will be converted to the Role

Returns:

collection of Role objects

getRoleDefinitionsForUser

java.util.Collection<RoleDefinition> getRoleDefinitionsForUser(User user)

Returns a collection of RoleDefinition objects assigned to the User. If the user role is associated with the database role, the database role will be converted to the RoleDefinition

Returns:

collection of RoleDefinition objects

getPermissionUndefinedAccessPolicy

Access getPermissionUndefinedAccessPolicy()

Returns a policy for resolving permission values that are not explicitly defined in roles. For roles policy v1 getRolesPolicyVersion() if a role doesn't define any explicit permission then this target is allowed, for policy v2 the undefined permission is denied.

getRolesPolicyVersion

int getRolesPolicyVersion()

Returns the roles policy version.

• 1 - Security implementation used before CUBA 7.2: undefined permissions are resolved to allowed, roles types are used
• 2 - New roles resolving implementation introduced in CUBA 7.2: undefined permissions are resolved to denied, the only possible permission is ALLOW (user cannot select DENY), design-time roles can be used