| java.lang.Object org.apache.wicket.authorization.strategies.role.AbstractRoleAuthorizationStrategy org.apache.wicket.authorization.strategies.role.metadata.MetaDataRoleAuthorizationStrategy
MetaDataRoleAuthorizationStrategy | public class MetaDataRoleAuthorizationStrategy extends AbstractRoleAuthorizationStrategy (Code) | | Strategy that uses the Wicket metadata facility to check authorization. The
static authorize methods are for authorizing component actions
and component instantiation by role. This class is is the main entry point
for users wanting to use the roles-based authorization of the
wicket-auth-roles package based on wicket metadata.
For instance, use like:
MetaDataRoleAuthorizationStrategy.authorize(myPanel, RENDER, "ADMIN");
for actions on component instances, or:
MetaDataRoleAuthorizationStrategy.authorize(AdminBookmarkablePage.class, "ADMIN");
for doing role based authorization for component instantation.
See Also: org.apache.wicket.MetaDataKey author: Eelco Hillenius author: Jonathan Locke |
Method Summary | |
final public static void | authorize(Class<? extends Component> componentClass, String roles) Authorizes the given role to create component instances of type
componentClass. | final public static void | authorize(Component component, Action action, String roles) Authorizes the given role to perform the given action on the given
component. | final public static void | authorizeAll(Class<? extends Component> componentClass) Grants permission to all roles to create instances of the given component
class. | final public static void | authorizeAll(Component component, Action action) Grants permission to all roles to perform the given action on the given
component. | public boolean | isActionAuthorized(Component component, Action action) Uses component level meta data to match roles for component action
execution. | public boolean | isInstantiationAuthorized(Class componentClass) Uses application level meta data to match roles for component
instantiation. | final public static void | unauthorize(Class<? extends Component> componentClass, String roles) Removes permission for the given roles to create instances of the given
component class. | final public static void | unauthorize(Component component, Action action, String roles) Removes permission for the given role to perform the given action on the
given component. | final public static void | unauthorizeAll(Class<? extends Component> componentClass) Grants authorization to instantiate the given class to just the role
NO_ROLE, effectively denying all other roles. | final public static void | unauthorizeAll(Component component, Action action) Grants authorization to perform the given action to just the role
NO_ROLE, effectively denying all other roles. |
ACTION_PERMISSIONS | final public static MetaDataKey ACTION_PERMISSIONS(Code) | | Component meta data key for ations/ roles information. Typically, you do
not need to use this meta data key directly, but instead use one of the
bind methods of this class.
|
INSTANTIATION_PERMISSIONS | final public static MetaDataKey INSTANTIATION_PERMISSIONS(Code) | | Application meta data key for ations/ roles information. Typically, you
do not need to use this meta data key directly, but instead use one of
the bind methods of this class.
|
NO_ROLE | final public static String NO_ROLE(Code) | | Special role string for denying access to all
|
MetaDataRoleAuthorizationStrategy | public MetaDataRoleAuthorizationStrategy(IRoleCheckingStrategy roleCheckingStrategy)(Code) | | Construct.
Parameters: roleCheckingStrategy - the authorizer object |
authorize | final public static void authorize(Class<? extends Component> componentClass, String roles)(Code) | | Authorizes the given role to create component instances of type
componentClass. This authorization is added to any previously authorized
roles.
Parameters: componentClass - The component type that is subject for the authorization Parameters: roles - The comma separated roles that are authorized to createcomponent instances of type componentClass |
authorize | final public static void authorize(Component component, Action action, String roles)(Code) | | Authorizes the given role to perform the given action on the given
component.
Parameters: component - The component that is subject to the authorization Parameters: action - The action to authorize Parameters: roles - The comma separated roles to authorize |
authorizeAll | final public static void authorizeAll(Class<? extends Component> componentClass)(Code) | | Grants permission to all roles to create instances of the given component
class.
Parameters: componentClass - The component class |
authorizeAll | final public static void authorizeAll(Component component, Action action)(Code) | | Grants permission to all roles to perform the given action on the given
component.
Parameters: component - The component that is subject to the authorization Parameters: action - The action to authorize |
unauthorize | final public static void unauthorize(Class<? extends Component> componentClass, String roles)(Code) | | Removes permission for the given roles to create instances of the given
component class. There is no danger in removing authorization by calling
this method. If the last authorization grant is removed for a given
componentClass, the internal role NO_ROLE will automatically be added,
effectively denying access to all roles (if this was not done, all roles
would suddenly have access since no authorization is equivalent to full
access).
Parameters: componentClass - The component type Parameters: roles - The comma separated list of roles that are no longer to beauthorized to create instances of type componentClass |
unauthorize | final public static void unauthorize(Component component, Action action, String roles)(Code) | | Removes permission for the given role to perform the given action on the
given component. There is no danger in removing authorization by calling
this method. If the last authorization grant is removed for a given
action, the internal role NO_ROLE will automatically be added,
effectively denying access to all roles (if this was not done, all roles
would suddenly have access since no authorization is equivalent to full
access).
Parameters: component - The component Parameters: action - The action Parameters: roles - The comma separated list of roles that are no longer allowedto perform the given action |
unauthorizeAll | final public static void unauthorizeAll(Class<? extends Component> componentClass)(Code) | | Grants authorization to instantiate the given class to just the role
NO_ROLE, effectively denying all other roles.
Parameters: componentClass - The component class |
unauthorizeAll | final public static void unauthorizeAll(Component component, Action action)(Code) | | Grants authorization to perform the given action to just the role
NO_ROLE, effectively denying all other roles.
Parameters: component - the component that is subject to the authorization Parameters: action - the action to authorize |
Methods inherited from org.apache.wicket.authorization.strategies.role.AbstractRoleAuthorizationStrategy | final protected boolean hasAny(Roles roles)(Code)(Java Doc) final protected boolean isEmpty(Roles roles)(Code)(Java Doc)
|
|
|