Package org.mycore.access

Class MCRAccessBaseImpl

java.lang.Object
org.mycore.access.MCRAccessBaseImpl
All Implemented Interfaces:
MCRAccessInterface, MCRRuleAccessInterface
Direct Known Subclasses:
MCRAccessControlSystem
@Singleton public class MCRAccessBaseImpl extends Object implements MCRRuleAccessInterface
This class is a base implementation of the MCRAccessInterface. It will simply allow everything and will do nothing on persistent operations. Feel free to extend this class if your implementation can only support parts of the Interface definition.
Author:
Jens Kupferschmidt

  • Field Details

    • ACCESS_PERMISSIONS

      protected static final String ACCESS_PERMISSIONS

  • Constructor Details

    • MCRAccessBaseImpl

      public MCRAccessBaseImpl()

  • Method Details

    • addRule

      public void addRule(String id, String permission, Element rule, String description) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      adds an access rule for an ID to an access system. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      addRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an error occured

    • addRule

      public void addRule(String permission, Element rule, String description) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      adds an access rule for an "a priori-permission" like "create-document"
      Specified by:
      addRule in interface MCRRuleAccessInterface
      Parameters:
      permission - the access permission for the rule (e.g. "create-document")
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an error occured

    • removeRule

      public void removeRule(String id, String permission) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      removes a rule. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      removeRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Throws:
      MCRException - if an error occured

    • removeRule

      public void removeRule(String permission) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      removes a rule for an "a priori permission" like "create-document"
      Specified by:
      removeRule in interface MCRRuleAccessInterface
      Parameters:
      permission - the access permission for the rule
      Throws:
      MCRException - if an error occured

    • removeAllRules

      public void removeAllRules(String id) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      removes all rules of the id. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      removeAllRules in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      Throws:
      MCRException - if an errow was occured

    • updateRule

      public void updateRule(String id, String permission, Element rule, String description) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      updates an access rule for an ID to an access system. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      updateRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an errow was occured

    • updateRule

      public void updateRule(String permission, Element rule, String description) throws MCRException
      Description copied from interface: MCRRuleAccessInterface
      updates an access rule for an "a priori permission" of an access system like "create-document".
      Specified by:
      updateRule in interface MCRRuleAccessInterface
      Parameters:
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an errow was occured

    • checkPermission

      public boolean checkPermission(String id, String permission)
      Description copied from interface: MCRAccessInterface
      determines whether the current user has the permission to perform a certain action.
      Specified by:
      checkPermission in interface MCRAccessInterface

    • checkPermission

      public boolean checkPermission(String id, String permission, MCRUserInformation userInfo)
      Description copied from interface: MCRAccessInterface
      determines whether a given user has the permission to perform a certain action. no session data will be checked here. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      checkPermission in interface MCRAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the permission/action to be granted, e.g. "read"
      userInfo - the MCRUser, whose permissions are checked
      Returns:
      true if the permission is granted, else false

    • checkPermission

      public boolean checkPermission(String permission)
      Description copied from interface: MCRAccessInterface
      determines whether the current user has the permission to perform a certain action. All information regarding the current user is capsulated by a MCRSession instance which can be retrieved by 
       MCRSession currentSession = MCRSessionMgr.getCurrentSession();
      This method is used for checking "a priori permissions" like "create-document" where a String ID does not exist yet
      Specified by:
      checkPermission in interface MCRAccessInterface
      Parameters:
      permission - the permission/action to be granted, e.g. "create-document"
      Returns:
      true if the permission is granted, else false
      See Also:

    • checkPermissionForUser

      @Deprecated public boolean checkPermissionForUser(String permission, String userID)
      Deprecated.
      Description copied from interface: MCRRuleAccessInterface
      determines whether a given user has the permission to perform a certain action. no session data will be checked here. This method is used for checking "a priori permissions" like "create-document" where a String ID does not exist yet
      Specified by:
      checkPermissionForUser in interface MCRRuleAccessInterface
      Parameters:
      permission - the permission/action to be granted, e.g. "create-document"
      userID - the MCRUser, whose permissions are checked
      Returns:
      true if the permission is granted, else false
      See Also:

    • checkPermissionForUser

      public boolean checkPermissionForUser(String permission, MCRUserInformation userInfo)
      Description copied from interface: MCRAccessInterface
      determines whether a given user has the permission to perform a certain action. no session data will be checked here. This method is used for checking "a priori permissions" like "create-document" where a String ID does not exist yet
      Specified by:
      checkPermissionForUser in interface MCRAccessInterface
      Parameters:
      permission - the permission/action to be granted, e.g. "create-document"
      userInfo - the MCRUser, whose permissions are checked
      Returns:
      true if the permission is granted, else false

    • checkPermission

      public boolean checkPermission(Element rule)
      Description copied from interface: MCRRuleAccessInterface
      determines whether the current user has the permission to perform a certain action. All information regarding the current user is capsulated by a MCRSession instance which can be retrieved by 
       MCRSession currentSession = MCRSessionMgr.getCurrentSession();
      Specified by:
      checkPermission in interface MCRRuleAccessInterface
      Parameters:
      rule - the jdom-representation of a mycore access rule
      Returns:
      true if the permission is granted, else false
      See Also:

    • getRule

      public Element getRule(String objID, String permission)
      Description copied from interface: MCRRuleAccessInterface
      exports a access rule as JDOM element.
      Specified by:
      getRule in interface MCRRuleAccessInterface
      Parameters:
      objID - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      the rule as jdom element, or null if no rule is defined

    • getRule

      public Element getRule(String permission)
      Description copied from interface: MCRRuleAccessInterface
      exports a access rule for a "a priori permission" as JDOM element.
      Specified by:
      getRule in interface MCRRuleAccessInterface
      Parameters:
      permission - the access permission for the rule
      Returns:
      the rule as jdom element, or null if no rule is defined

    • getRuleDescription

      public String getRuleDescription(String permission)
      Description copied from interface: MCRRuleAccessInterface
      returns the prosa description of a defined rule for a "a priori" permission like "create-document".
      Specified by:
      getRuleDescription in interface MCRRuleAccessInterface
      Parameters:
      permission - the access permission for the rule
      Returns:
      the String of the description

    • getRuleDescription

      public String getRuleDescription(String id, String permission)
      Description copied from interface: MCRRuleAccessInterface
      returns the prosa description of a defined rule.
      Specified by:
      getRuleDescription in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      the String of the description

    • getPermissionsForID

      public Collection<String> getPermissionsForID(String objid)
      Description copied from interface: MCRRuleAccessInterface
      lists all permissions defined for the id. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      getPermissionsForID in interface MCRRuleAccessInterface
      Returns:
      a List of all for id defined permission

    • getPermissions

      public Collection<String> getPermissions()
      Description copied from interface: MCRRuleAccessInterface
      lists all a-priori permissions like "create-document".
      Specified by:
      getPermissions in interface MCRRuleAccessInterface
      Returns:
      a List of all defined permissions

    • hasRule

      public boolean hasRule(String id, String permission)
      checks wether a rule with the id and permission is defined. It's the same as calling 
          (getRule(id, permission)!=null);
      Specified by:
      hasRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      false, if getRule(id, permission) would return null, else true
      See Also:

    • hasRule

      public boolean hasRule(String id)
      checks wether a rule with the id is defined. It's the same as calling 
          (getPermissionsForID(id).size()>0);
      Specified by:
      hasRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      Returns:
      false, if getPermissionsForID(id) would return an empty list, else true
      See Also:

    • getAccessPermissionsFromConfiguration

      public Collection<String> getAccessPermissionsFromConfiguration()
      just returns the String of Access Permissions configured in property "MCR.AccessPermissions"
      Specified by:
      getAccessPermissionsFromConfiguration in interface MCRRuleAccessInterface
      Returns:
      the permissions as List

    • getAllControlledIDs

      public Collection<String> getAllControlledIDs()
      Description copied from interface: MCRRuleAccessInterface
      lists all String IDs, a permission is assigned to. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      getAllControlledIDs in interface MCRRuleAccessInterface
      Returns:
      a sorted and distinct List of all String IDs

    • createRule

      public void createRule(String rule, String creator, String description)
      Description copied from interface: MCRRuleAccessInterface
      create an access rule in the rulestore using an rule string in plain text
      Specified by:
      createRule in interface MCRRuleAccessInterface
      Parameters:
      rule - the rule string in plain text
      description - a String description of the rule in prosa

    • createRule

      public void createRule(Element rule, String creator, String description)
      Description copied from interface: MCRRuleAccessInterface
      create an access rule in the rulestore using an rule string in plain text
      Specified by:
      createRule in interface MCRRuleAccessInterface
      Parameters:
      rule - the rule string as xml
      description - a String description of the rule in prosa

    • getNormalizedRuleString

      public String getNormalizedRuleString(Element rule)
      Description copied from interface: MCRRuleAccessInterface
      generate rule string from xml
      Specified by:
      getNormalizedRuleString in interface MCRRuleAccessInterface
      Returns:
      the normalized rule string

    • getAccessRule

      public MCRAccessRule getAccessRule(String id, String permission)
      Description copied from interface: MCRRuleAccessInterface
      returns a MCRAccessRule which could be validated All information regarding the current user is capsulated by a MCRSession instance which can be retrieved by 
       MCRSession currentSession = MCRSessionMgr.getCurrentSession();
      The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Specified by:
      getAccessRule in interface MCRRuleAccessInterface
      Parameters:
      id - the ID-String of the object
      permission - the permission/action to be granted, e.g. "read"
      Returns:
      MCRAccessRule instance or null if no rule is defined;
      See Also: