| com.flexive.shared.interfaces.ACLEngine
All known Subclasses: com.flexive.ejb.beans.ACLEngineBean,
ACLEngine | public interface ACLEngine (Code) | | ACL engine interface
author: Gregor Schober (gregor.schober@flexive.com), UCS - unique computing solutions gmbh (http://www.ucs.at) author: Daniel Lichtenberger (daniel.lichtenberger@flexive.com), UCS - unique computing solutions gmbh (http://www.ucs.at) |
Method Summary | |
void | assign(long aclId, long groupId, boolean mayRead, boolean mayEdit, boolean mayRelate, boolean mayRemove, boolean mayExport, boolean mayCreate) Defines a ACL assignment between a group and a ACL. | void | assign(long aclId, long groupId, ACL.Permission... permissions) Defines an ACL assignment between a group and an ACL.
This is a shortcut for assign(long, long, boolean, boolean, boolean, boolean, boolean, boolean)
Parameters: aclId - the acl Parameters: groupId - the group that should be assigned to the acl Parameters: permissions - list of permissions to set (NOT_.. | long | create(String name, FxString label, long mandatorId, String color, String description, ACL.Category category) Creates a new ACL for a specific mandator. | ACL | load(long id) Loads a ACL definied by its unique id. | ACL | load(long id, boolean ignoreSecurity) Loads a ACL definied by its unique id. | List<ACLAssignment> | loadAssignments(long aclId) Loads all ACL assignments of a ACL. | List<ACLAssignment> | loadAssignments(Long aclId, Long groupId) Loads all ACL assignments of a group or acl. | List<ACLAssignment> | loadGroupAssignments(long groupId) Loads all ACL assignments of a group. | void | remove(long aclId) Remove an existing ACL identified by its unique id. | void | unassign(long aclId, long groupId) Removes an ACLAssignment defined by its groupId and aclId. | void | update(long aclId, String name, FxString label, String color, String description, List<ACLAssignment> assignments) Updates a existing ACL. |
assign | void assign(long aclId, long groupId, boolean mayRead, boolean mayEdit, boolean mayRelate, boolean mayRemove, boolean mayExport, boolean mayCreate) throws FxApplicationException(Code) | | Defines a ACL assignment between a group and a ACL.
If all permissions are set to false no assignments is created, and any old assignment is removed.
Any existing assignment between this group and the ACL is overwritten.
The caller must be in ACLManagement and may only assign group and acls belonging zo his mandator.
GROUP_EVERYONE and PRIVATE my be assigned regardless of their mandator.
GLOBAL_SUPERVISOR may assign acls and groups of any mandator.
Parameters: aclId - the acl Parameters: groupId - the group that should be assigned to the acl Parameters: mayRead - the read permission for the group/acl combination Parameters: mayEdit - the edit permission for the group/acl combination Parameters: mayRelate - the relate permission for the group/acl combination Parameters: mayRemove - the unassign permission for the group/acl combination Parameters: mayExport - the export permission for the group/acl combination Parameters: mayCreate - the create permission for the group/acl combination throws: FxApplicationException - when the creation failed, when the calling user lacks the permission to create ACLassignments,when the group or ACL does not exist |
assign | void assign(long aclId, long groupId, ACL.Permission... permissions) throws FxApplicationException(Code) | | Defines an ACL assignment between a group and an ACL.
This is a shortcut for assign(long, long, boolean, boolean, boolean, boolean, boolean, boolean)
Parameters: aclId - the acl Parameters: groupId - the group that should be assigned to the acl Parameters: permissions - list of permissions to set (NOT_.. permissions are ignored as default is false ) throws: FxApplicationException - when the creation failed, when the calling user lacks the permission to create ACLassignments,when the group or ACL does not exist See Also: ACLEngine.assign(long,long,boolean,boolean,boolean,boolean,boolean,boolean) |
create | long create(String name, FxString label, long mandatorId, String color, String description, ACL.Category category) throws FxApplicationException(Code) | | Creates a new ACL for a specific mandator.
The caller needs to be in ACLManagement, and may only create ACLs for the
mandator he belongs to.
GROUP_GLOBAL_SUPERVISOR may create ACLs for all mandators.
Parameters: name - the unique name for the new ACL Parameters: label - display label Parameters: mandatorId - the mandator the ACL belongs to Parameters: color - the color of the acl as 6 digit RGB value, for example FF0000 for pure red Parameters: description - a description for the ACL Parameters: category - the category of the ACL id of the newly created ACL throws: FxApplicationException - creation failed, acl with the given name exists, calling user lackspermissions, parameter (name,mandator,color,category) was invalid, mandator does not exist |
load | ACL load(long id) throws FxApplicationException(Code) | | Loads a ACL definied by its unique id.
The caller may only load ACLs belonging to his mandator, or ACLs that the caller is assigned to.
GROUP_GLOBAL_SUPERVISOR may load all ACLs.
Parameters: id - the unique id of the ACL that should be loaded the ACL throws: FxApplicationException - load failed, acl does no exist, calling user may not access the ACL |
load | ACL load(long id, boolean ignoreSecurity) throws FxApplicationException(Code) | | Loads a ACL definied by its unique id.
If ignoreSecurity is true the following permissison checks are performed:
The caller may only load ACLs belonging to his mandator.
GROUP_GLOBAL_SUPERVISOR may load all ACLs.
Parameters: id - the unique id of the ACL that should be loaded Parameters: ignoreSecurity - security checks are skipped if set to true the ACL throws: FxApplicationException - load failed, acl doesnt exist, calling user may not access the ACL |
loadAssignments | List<ACLAssignment> loadAssignments(long aclId) throws FxApplicationException(Code) | | Loads all ACL assignments of a ACL.
The caller may only load ACLAssingments belonging to a ACL of his mandator.
GLOBAL_SUPERVISOR may load the ACLAssignments of all ACL.
Parameters: aclId - the acl to load the assignment for the ACL assignments of the group throws: FxApplicationException - not found, load failed, no access |
loadAssignments | List<ACLAssignment> loadAssignments(Long aclId, Long groupId) throws FxApplicationException(Code) | | Loads all ACL assignments of a group or acl.
The caller may only load ACL assingments belonging to a group or acl of his mandator.
GLOBAL_SUPERVISOR may load the ACL assignments of all groups.
Parameters: aclId - the acl to load the ACL assigments for, or null Parameters: groupId - the group to load the ACL assignment for, or null the ACL assignments of the group throws: FxApplicationException - when no data was found, if the user may not access the data, or when aunexpected error occured |
loadGroupAssignments | List<ACLAssignment> loadGroupAssignments(long groupId) throws FxApplicationException(Code) | | Loads all ACL assignments of a group.
The caller may only load ACLAssingments belonging to a group of his mandator.
GLOBAL_SUPERVISOR may load the ACLAssignments of all groups.
Parameters: groupId - the group to load the ACL assignment for the ACL assignments of the group throws: FxApplicationException - not found, load failed, caller may not access the given group |
remove | void remove(long aclId) throws FxApplicationException(Code) | | Remove an existing ACL identified by its unique id.
A ACL may only be removed if it is not used by any object within the system.
The calling user needs to be in ACLManagement, and may only unassign ACLs belonging
to his mandator.
GROUP_GLOBAL_SUPERVISOR may unassign ACLs of mandators.
Parameters: aclId - the id of the ACL to remove throws: FxApplicationException - when the function failed to unassign the ACL,when a ACL with the given id does not exist,when the function failed to unassign the ACL |
unassign | void unassign(long aclId, long groupId) throws FxApplicationException(Code) | | Removes an ACLAssignment defined by its groupId and aclId.
Only callers in ACLManagement may unassign ACLAssignments of groups and acl belonging to his mandator.
GROUP_EVERYONE and PRIVATE my be assigned regardless of their mandator.
GLOBAL_SUPERVISOR may unassign every ACLAssignment.
Parameters: aclId - a acl id Parameters: groupId - a group id throws: FxApplicationException - when the unassign failed,when a assignment with the groupId and aclId combination does not exist,when the calling user lacks the permission to manage ACLs |
update | void update(long aclId, String name, FxString label, String color, String description, List<ACLAssignment> assignments) throws FxApplicationException(Code) | | Updates a existing ACL.
The calling user needs to be in ACLManagement, and may only update ACLs belonging to his
mandator.
GROUP_GLOBAL_SUPERVISOR may update ACLs of all mandators.
Parameters: aclId - The unique id of the acl that should be updated Parameters: name - The new unqiue name of the ACL, or null if the old name should be kept Parameters: label - display label Parameters: color - The new color of the ACL, or null if the old color should be kept Parameters: description - The new description of the ACL, or null if the old description should be kept Parameters: assignments - ACL assignments throws: FxApplicationException - update failed, acl does not exist, user lacks permissions, parameter isinvalid, acl with the given name exists |
|
|