1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.security.authorization

File ContextualAuthorizationManager.java

 

Code metrics

0
0
0
1
83
11
0
-
-
0
-

Classes

Class Line # Actions
ContextualAuthorizationManager 36 0 - 0 0
-1.0 -
 

Contributing tests

No tests hitting this source file were found.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.security.authorization;
21   
22    import org.xwiki.component.annotation.Role;
23    import org.xwiki.model.reference.EntityReference;
24   
25    /**
26    * This API is for checking the access rights of current user in the current context. It replaces
27    * {@code com.xpn.xwiki.user.api.XWikiRightService}.
28    *
29    * The ContextualAuthorizationManager does not provide any help for authentication. Authentication should have been
30    * ensured previously if needed.
31    *
32    * @version $Id: d5d1dc21a308f224b8c8ed57735b22a82210a465 $
33    * @since 6.1RC1
34    */
35    @Role
 
36    public interface ContextualAuthorizationManager
37    {
38    /**
39    * Check if access identified by {@code right} on the current entity is allowed in the current context.
40    * The context includes information like the authenticated user, the current macro being executed, the rendering
41    * context restriction, the dropping of rights by macro, etc...
42    * This function should be used at security checkpoint.
43    *
44    * @param right the right needed for execution of the action
45    * @throws AccessDeniedException if the action should be denied, which may also happen when an error occurs
46    */
47    void checkAccess(Right right) throws AccessDeniedException;
48   
49    /**
50    * Verifies if access identified by {@code right} on the current entity would be allowed in the current context.
51    * The context includes information like the authenticated user, the current macro being executed, the rendering
52    * context restriction, the dropping of rights by macro, etc...
53    * This function should be used for interface matters, use {@link #checkAccess} at security checkpoints.
54    *
55    * @param right the right to check .
56    * @return {@code true} if the user has the specified right on the entity, {@code false} otherwise
57    */
58    boolean hasAccess(Right right);
59   
60    /**
61    * Check if access identified by {@code right} on the given entity is allowed in the current context.
62    * The context includes information like the authenticated user, the current macro being executed, the rendering
63    * context restriction, the dropping of rights by macro, etc...
64    * This function should be used at security checkpoint.
65    *
66    * @param right the right needed for execution of the action
67    * @param entityReference the entity on which to check the right
68    * @throws AccessDeniedException if the action should be denied, which may also happen when an error occurs
69    */
70    void checkAccess(Right right, EntityReference entityReference) throws AccessDeniedException;
71   
72    /**
73    * Verifies if access identified by {@code right} on the given entity would be allowed in the current context.
74    * The context includes information like the authenticated user, the current macro being executed, the rendering
75    * context restriction, the dropping of rights by macro, etc...
76    * This function should be used for interface matters, use {@link #checkAccess} at security checkpoints.
77    *
78    * @param right the right to check .
79    * @param entityReference the entity on which to check the right
80    * @return {@code true} if the user has the specified right on the entity, {@code false} otherwise
81    */
82    boolean hasAccess(Right right, EntityReference entityReference);
83    }