1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.security.authorization.script

File SecurityAuthorizationScriptService.java

 

Coverage histogram

../../../../../img/srcFileCovDistChart5.png
74% of files have more coverage

Code metrics

0
6
6
1
148
49
6
1
1
6
1

Classes

Class Line # Actions
SecurityAuthorizationScriptService 45 6 0% 6 6
0.550%
 

Contributing tests

No tests hitting this source file were found.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.security.authorization.script;
21   
22    import javax.inject.Inject;
23    import javax.inject.Named;
24    import javax.inject.Singleton;
25   
26    import org.xwiki.component.annotation.Component;
27    import org.xwiki.model.reference.DocumentReference;
28    import org.xwiki.model.reference.EntityReference;
29    import org.xwiki.script.service.ScriptService;
30    import org.xwiki.security.authorization.AccessDeniedException;
31    import org.xwiki.security.authorization.AuthorizationManager;
32    import org.xwiki.security.authorization.ContextualAuthorizationManager;
33    import org.xwiki.security.authorization.Right;
34    import org.xwiki.security.script.SecurityScriptService;
35   
36    /**
37    * Security Authorization Script Service.
38    *
39    * @version $Id: 73e8d98bba5045e0d33e70a39bd7ae52767c6d24 $
40    * @since 6.1RC1
41    */
42    @Component
43    @Named(SecurityScriptService.ROLEHINT + '.' + SecurityAuthorizationScriptService.ID)
44    @Singleton
 
45    public class SecurityAuthorizationScriptService implements ScriptService
46    {
47    /**
48    * The role hint of this component.
49    */
50    public static final String ID = "authorization";
51   
52    @Inject
53    private AuthorizationManager authorizationManager;
54   
55    @Inject
56    private ContextualAuthorizationManager contextualAuthorizationManager;
57   
58    /**
59    * Check if access identified by {@code right} on the current entity is allowed in the current context.
60    * The context includes information like the authenticated user, the current macro being executed, the rendering
61    * context restriction, the dropping of rights by macro, etc...
62    * This function should be used at security checkpoint.
63    *
64    * @param right the right needed for execution of the action
65    * @throws AccessDeniedException if the action should be denied, which may also happen when an error occurs
66    */
 
67  0 toggle public void checkAccess(Right right) throws AccessDeniedException
68    {
69  0 contextualAuthorizationManager.checkAccess(right);
70    }
71   
72    /**
73    * Verifies if access identified by {@code right} on the current entity would be allowed in the current context.
74    * The context includes information like the authenticated user, the current macro being executed, the rendering
75    * context restriction, the dropping of rights by macro, etc...
76    * This function should be used for interface matters, use {@link #checkAccess} at security checkpoints.
77    *
78    * @param right the right to check .
79    * @return {@code true} if the user has the specified right on the entity, {@code false} otherwise
80    */
 
81  20484 toggle public boolean hasAccess(Right right)
82    {
83  20483 return contextualAuthorizationManager.hasAccess(right);
84    }
85   
86    /**
87    * Check if access identified by {@code right} on the given entity is allowed in the current context.
88    * The context includes information like the authenticated user, the current macro being executed, the rendering
89    * context restriction, the dropping of rights by macro, etc...
90    * This function should be used at security checkpoint.
91    *
92    * @param right the right needed for execution of the action
93    * @param entityReference the entity on which to check the right
94    * @throws AccessDeniedException if the action should be denied, which may also happen when an error occurs
95    */
 
96  0 toggle public void checkAccess(Right right, EntityReference entityReference) throws AccessDeniedException
97    {
98  0 contextualAuthorizationManager.checkAccess(right, entityReference);
99    }
100   
101    /**
102    * Verifies if access identified by {@code right} on the given entity would be allowed in the current context.
103    * The context includes information like the authenticated user, the current macro being executed, the rendering
104    * context restriction, the dropping of rights by macro, etc...
105    * This function should be used for interface matters, use {@link #checkAccess} at security checkpoints.
106    *
107    * @param right the right to check.
108    * @param entityReference the entity on which to check the right
109    * @return {@code true} if the user has the specified right on the entity, {@code false} otherwise
110    */
 
111  44446 toggle public boolean hasAccess(Right right, EntityReference entityReference)
112    {
113  44446 return contextualAuthorizationManager.hasAccess(right, entityReference);
114    }
115   
116    /**
117    * Check if the user identified by {@code userReference} has the access identified by {@code right} on the
118    * entity identified by {@code entityReference}. Note that some rights may be checked higher in hierarchy of the
119    * provided entity if such right is not enabled at lowest hierarchy level provided.
120    * This function should be used at security checkpoint.
121    *
122    * @param right the right needed for execution of the action
123    * @param userReference the user to check the right for
124    * @param entityReference the entity on which to check the right
125    * @throws AccessDeniedException if the action should be denied, which may also happen when an error occurs
126    */
 
127  0 toggle public void checkAccess(Right right, DocumentReference userReference, EntityReference entityReference)
128    throws AccessDeniedException
129    {
130  0 authorizationManager.checkAccess(right, userReference, entityReference);
131    }
132   
133    /**
134    * Verifies if the user identified by {@code userReference} has the access identified by {@code right} on the
135    * entity identified by {@code entityReference}. Note that some rights may be checked higher in hierarchy of the
136    * provided entity if such right is not enabled at lowest hierarchy level provided.
137    * This function should be used for interface matters, use {@link #checkAccess} at security checkpoints.
138    *
139    * @param right the right to check .
140    * @param userReference the user to check the right for
141    * @param entityReference the entity on which to check the right
142    * @return {@code true} if the user has the specified right on the entity, {@code false} otherwise
143    */
 
144  1285 toggle public boolean hasAccess(Right right, DocumentReference userReference, EntityReference entityReference)
145    {
146  1285 return authorizationManager.hasAccess(right, userReference, entityReference);
147    }
148    }