com.semarchy.mdm.runtime.model.security
Interface IDataAccessModelSecurityProvider


public interface IDataAccessModelSecurityProvider

Allows to check the actual privileges granted for a given dataAccessmodel and user

Author:
sarod

Method Summary
 AttributeAuthorization getAttributeAuthorization(IViewAttribute<? extends IAttribute> attribute)
          Return the AttributeAuthorization for an IViewAttribute
 RowScope getCheckoutAuthorizationScope(IView view)
          Get checkout RowScope for the given view
 RowScope getCreateAuthorizationScope(IView dataEntryView)
          Get create RowScope for the given view
 RowScope getExportAuthorizationScope(IView view)
          Returns the RowScope under which the view export is authorized.
 List<IViewAttribute<? extends IAttribute>> getReadableAttributes(List<IViewAttribute<? extends IAttribute>> attributes)
          This method return a new list containing only attributes for which isReadAuthorized(IViewAttribute) returns true.
 RowScope getReadAuthorizationScope(IView view)
          Get read RowScope for the given view
 Set<String> getRoleNames()
          Return the list of role names for current user.
 String getUsername()
          Authenticated user name
 boolean isCheckoutAuthorized(IView view)
          Returns true if some rows can be checked out on view i.e.
 boolean isCreateAuthorized(IView dataEntryView)
          Returns true if some rows can be created on view i.e.
 boolean isCreateChildAuthorized(IOneToManyNode navNode)
           
 boolean isExportAuthorized(IView view)
          Returns true if some rows are exportable on view i.e.
 boolean isNavigationAuthorized(INavigationNode node)
          Return true if navigation on this node is authorized, false otherwise.
 boolean isReadAuthorized(IView view)
          Returns true if some rows can be read on view i.e.
 boolean isReadAuthorized(IViewAttribute<? extends IAttribute> attribute)
          Returns true if attribute can be read for some rows i.e.
 boolean isWriteAuthorized(IViewAttribute<? extends IAttribute> attribute)
          Returns true if attribute can be written for some rows i.e.
 

Method Detail

getUsername

String getUsername()
Authenticated user name

Returns:

getRoleNames

Set<String> getRoleNames()
Return the list of role names for current user. Caller should generally rely on more specific methods to check privileges.

Returns:

getExportAuthorizationScope

RowScope getExportAuthorizationScope(IView view)
Returns the RowScope under which the view export is authorized.

Parameters:
view -
Returns:

isExportAuthorized

boolean isExportAuthorized(IView view)
Returns true if some rows are exportable on view i.e. getExportAuthorizationScope(IView) is not RowScope.NO_ROWS

Parameters:
dataEntryView -
Returns:

getCreateAuthorizationScope

RowScope getCreateAuthorizationScope(IView dataEntryView)
Get create RowScope for the given view

Parameters:
view -
Returns:

isCreateAuthorized

boolean isCreateAuthorized(IView dataEntryView)
Returns true if some rows can be created on view i.e. getCreateAuthorizationScope(IView) is not RowScope.NO_ROWS

Parameters:
dataEntryView -
Returns:

getCheckoutAuthorizationScope

RowScope getCheckoutAuthorizationScope(IView view)
Get checkout RowScope for the given view

Parameters:
view -
Returns:

isCheckoutAuthorized

boolean isCheckoutAuthorized(IView view)
Returns true if some rows can be checked out on view i.e. getCheckoutAuthorizationScope(IView) is not RowScope.NO_ROWS

Parameters:
view -
Returns:
true if authorized to checkout, false otherwise

getReadAuthorizationScope

RowScope getReadAuthorizationScope(IView view)
Get read RowScope for the given view

Parameters:
view -
Returns:

isReadAuthorized

boolean isReadAuthorized(IView view)
Returns true if some rows can be read on view i.e. getReadAuthorizationScope(IView) is not RowScope.NO_ROWS

Parameters:
view -

getAttributeAuthorization

AttributeAuthorization getAttributeAuthorization(IViewAttribute<? extends IAttribute> attribute)
Return the AttributeAuthorization for an IViewAttribute

Parameters:
attribute -
Returns:

isReadAuthorized

boolean isReadAuthorized(IViewAttribute<? extends IAttribute> attribute)
Returns true if attribute can be read for some rows i.e. getAttributeAuthorization(IViewAttribute. AttributeAuthorization.getReadAuthorizedScope() is not RowScope.NO_ROWS

Parameters:
attribute -
Returns:
See Also:
getAttributeAuthorization(IViewAttribute), AttributeAuthorization.getReadAuthorizedScope()

isWriteAuthorized

boolean isWriteAuthorized(IViewAttribute<? extends IAttribute> attribute)
Returns true if attribute can be written for some rows i.e. getAttributeAuthorization(IViewAttribute. AttributeAuthorization.getWriteAuthorizedScope() is not RowScope.NO_ROWS

Parameters:
attribute -
Returns:
See Also:
getAttributeAuthorization(IViewAttribute), AttributeAuthorization.getWriteAuthorizedScope()

isNavigationAuthorized

boolean isNavigationAuthorized(INavigationNode node)
Return true if navigation on this node is authorized, false otherwise. This method return true if

Parameters:
node -
See Also:
isReadAuthorized(IView)

getReadableAttributes

List<IViewAttribute<? extends IAttribute>> getReadableAttributes(List<IViewAttribute<? extends IAttribute>> attributes)
This method return a new list containing only attributes for which isReadAuthorized(IViewAttribute) returns true.

Parameters:
attributes -
Returns:

isCreateChildAuthorized

boolean isCreateChildAuthorized(IOneToManyNode navNode)


Copyright © 2015. All Rights Reserved.