public interface OwRoleManager
Interface for the role manager.
Override this class to implement your own role manager
and set the role manager in the bootstrap settings.
You get a instance of the RoleManager by calling getContext().getRoleManager().
Alfresco Workdesk
Copyright (c) Alfresco Software, Inc.
All rights reserved.
For licensing information read the license.txt file or
go to: http://wiki.alfresco.com
Modifier and Type | Field and Description |
---|---|
static int[] |
m_predefinedcategories
array of all predefined categories
|
static int |
ROLE_ACCESS_MASK_FLAG_DYNAMIC_RESOURCE_MODIFY
access mask flag for startup folder: modify this property
|
static int |
ROLE_ACCESS_MASK_FLAG_INDEX_FIELD_MODIFY
access mask flag for Object classes: modify this property
|
static int |
ROLE_ACCESS_MASK_FLAG_INDEX_FIELD_VIEW
access mask flag for Object classes: view this property
|
static int |
ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_CHECKIN
access mask flag for Object classes: checkin objects of this class
|
static int |
ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_CREATE
access mask flag for Object classes: create objects of this class
|
static int |
ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_VIEW
access mask flag for Object classes: view objects of this class
|
static int |
ROLE_ACCESS_RIGHT_ALLOWED
the role is granted to the resource
|
static int |
ROLE_ACCESS_RIGHT_DENIED
the role is explicitly denied for that resource.
|
static int |
ROLE_ACCESS_RIGHT_NOT_ALLOWED
default access right: the role has no access to the resource
|
static int |
ROLE_CATEGORY_BPM_PROCESS_DEFINITION
Category for process definitions.
|
static int |
ROLE_CATEGORY_DESIGN
category for the design
|
static int |
ROLE_CATEGORY_INDEX_FIELDS
category for index fields
|
static int |
ROLE_CATEGORY_OBJECT_CLASSES
category for object classes
|
static int |
ROLE_CATEGORY_PLUGIN
category for the plugins to check against role system, used in isAllowed(...)
|
static int |
ROLE_CATEGORY_SEARCH_TEMPLATE
category for the search templates displayed in search to check against role system, used in isAllowed(...)
|
static int |
ROLE_CATEGORY_SELECTIVE_CONFIGURATION
category for the selective configuration
|
static int |
ROLE_CATEGORY_STANDARD_FUNCTION
category for the standard functions to check against role system, used in isAllowed(...)
|
static int |
ROLE_CATEGORY_STARTUP_FOLDER
category for startup folder
|
static int |
ROLE_CATEGORY_USER_START
user defined categories in overridden role managers start here
|
static int |
ROLE_CATEGORY_VIRTUAL_FOLDER
category for startup folder
|
static int |
ROLE_CATEGORY_VIRTUAL_QUEUE
category for virtual queues to check against role system, used in isAllowed(...)
|
static int |
ROLE_RESOURCE_CONTEXT_CHECKIN
resource context CHECKIN
|
static int |
ROLE_RESOURCE_CONTEXT_CREATE
resource context CREATE
|
static int |
ROLE_RESOURCE_CONTEXT_VIEW
resource context VIEW
|
static String |
STD_FUNC_CAN_EDIT_SITE_SETTINGS
resource ID
|
Modifier and Type | Method and Description |
---|---|
boolean |
canExplicitDeny()
Check if rolemanager supports explicit deny of resources.
|
boolean |
canPersistAccessMask()
Check if the rolemanager can persist changes on the access mask.
|
boolean |
canRefreshStaticConfiguration()
Check if update the configuration data is supported
|
int |
getAccessMask(String roleName_p,
int category_p,
String resourceId_p)
Get the access mask for this resource.
|
Map |
getAccessMaskDescriptions(int category_p)
Returns a map between the access right flag and the localized display name.
|
int |
getAccessRights(String roleName_p,
int category_p,
String resourceId_p)
Retrieves the access rights for a given role to a given resource.
|
Collection |
getAllowedResources(int category_p)
get all resources the current user has access to for a given category
|
Collection |
getCategories()
get all defined categories and displaynames as a map
|
String |
getCategoryDisplayName(Locale locale_p,
int categorie_p)
get a display name for the given category
|
Collection |
getConfiguredCategories()
Get configured categories and displaynames as a map.
|
OwXMLUtil |
getDefaultMIMENode(int iObjectType_p)
get the default MIME XML Entry for the given object type.
|
String |
getDesign()
get the name of the design for the current user can be overridden by rolemanager implementation
Specifies the subfolder under /designs/ where to retrieve the design files.
|
String |
getMasterRole()
get the master role that is currently selected for the current user
|
String |
getMasterRoleDisplayName(Locale locale_p,
String strRole_p)
get a displayname for the given master role
|
Collection |
getMasterRoles()
get a list of master roles that can be selected for the current user
|
OwXMLUtil |
getMIMENode(String strMIMEType_p)
get the MIME XML Entry for the given MIMEType.
|
OwXMLUtil |
getPlugin(String strID_p)
get a plugin description by its key
that are allowed for the logged on user.
|
List |
getPlugins(String strType_p)
get a list of plugin description OwXMLUtil nodes by type as defined in OwConfiguration,
that are allowed for the logged on user.
|
String |
getResourceDisplayName(Locale locale_p,
int categorie_p,
String strID_p)
get a display name for the given category
|
Collection |
getResources(int category_p)
get all available resources for a given category
|
boolean |
hasAccessMaskRight(int iCategory_p,
String strResourceID_p,
int requiredAccessMask_p)
checks if the current user designated by its credentials is allowed to use the
given resource and has the required right in its access mask for that resource.
|
boolean |
hasMasterRoles()
check if selectable master roles are supported by the rolemanager for the current user
|
void |
init(OwRoleManagerContext mainContext_p,
OwXMLUtil configNode_p)
init the manager, set context
optionally set a prefix to distinguish several different applications.
|
boolean |
isAllowed(int iCategory_p,
String strResourceID_p)
checks if the current user designated by its credentials is allowed to use the given resource / function
|
boolean |
isGlobalRole(String roleName_p)
Determine if the given role name is a global role or a mandator specific role.
|
boolean |
isGlobalRoleModificationAllowed()
Check if the current user is allowed to modify global roles, which are not bound to a specific mandator.
|
boolean |
isStaticResourceCategory(int category_p) |
void |
loginInit()
init called AFTER the user has logged in.
|
void |
refreshStaticConfiguration()
Refresh the static configuration data
|
void |
replaceResource(String roleName_p,
int category_p,
String oldResourceId_p,
String newResourceId_p)
Replaces the given dynamic old resource with a new one for its occurrences in
access settings entries corresponding to the given role.
|
void |
setAccessMask(String roleName_p,
int category_p,
String resourceId_p,
int accessMask_p)
Set the access mask for this resource.
|
void |
setAccessRights(String roleName_p,
int category_p,
String resourceId_p,
int accessRights_p)
Persists the access rights for a given role to a given resource.
|
boolean |
setMasterRole(String strRole_p)
set the role that is currently selected for the user
|
static final int ROLE_CATEGORY_PLUGIN
static final int ROLE_CATEGORY_VIRTUAL_QUEUE
static final int ROLE_CATEGORY_SEARCH_TEMPLATE
static final int ROLE_CATEGORY_STANDARD_FUNCTION
static final int ROLE_CATEGORY_DESIGN
static final int ROLE_CATEGORY_SELECTIVE_CONFIGURATION
static final int ROLE_CATEGORY_OBJECT_CLASSES
static final int ROLE_CATEGORY_INDEX_FIELDS
static final int ROLE_CATEGORY_STARTUP_FOLDER
static final int ROLE_CATEGORY_VIRTUAL_FOLDER
static final int ROLE_CATEGORY_BPM_PROCESS_DEFINITION
static final int ROLE_CATEGORY_USER_START
static final int ROLE_RESOURCE_CONTEXT_CREATE
static final int ROLE_RESOURCE_CONTEXT_CHECKIN
static final int ROLE_RESOURCE_CONTEXT_VIEW
static final int[] m_predefinedcategories
static final int ROLE_ACCESS_RIGHT_NOT_ALLOWED
static final int ROLE_ACCESS_RIGHT_ALLOWED
static final int ROLE_ACCESS_RIGHT_DENIED
static final int ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_VIEW
static final int ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_CREATE
static final int ROLE_ACCESS_MASK_FLAG_OBJECT_CLASSES_CHECKIN
static final int ROLE_ACCESS_MASK_FLAG_INDEX_FIELD_VIEW
static final int ROLE_ACCESS_MASK_FLAG_INDEX_FIELD_MODIFY
static final int ROLE_ACCESS_MASK_FLAG_DYNAMIC_RESOURCE_MODIFY
static final String STD_FUNC_CAN_EDIT_SITE_SETTINGS
void init(OwRoleManagerContext mainContext_p, OwXMLUtil configNode_p) throws Exception
mainContext_p
- reference to the main app context of the applicationconfigNode_p
- OwXMLUtil node with configuration informationException
void loginInit() throws Exception
Exception
void refreshStaticConfiguration() throws Exception
Exception
boolean canRefreshStaticConfiguration() throws Exception
Exception
boolean isAllowed(int iCategory_p, String strResourceID_p) throws Exception
iCategory_p
- of the requested functionstrResourceID_p
- String ID of the requested resource (function / plugin id)Exception
boolean hasAccessMaskRight(int iCategory_p, String strResourceID_p, int requiredAccessMask_p) throws Exception
iCategory_p
- of the requested functionstrResourceID_p
- String ID of the requested resource (function / plugin id)requiredAccessMask_p
- a 32 bit bitset with all flags set that have to be checked for the current userException
Collection getAllowedResources(int category_p) throws Exception
category_p
- int category for given userException
String getDesign() throws Exception
Exception
List getPlugins(String strType_p) throws Exception
Exception
OwXMLUtil getPlugin(String strID_p) throws Exception
Exception
OwXMLUtil getMIMENode(String strMIMEType_p) throws Exception
<?xml version="1.0"?> <mimetable> <mime typ="file/txt"> <icon>file_txt.png</icon> <viewerservlet>getConent</viewerservlet> </mime> <!--further MIME entries--> </mimetable>
strMIMEType_p
- OwObject MIMETypeException
OwXMLUtil getDefaultMIMENode(int iObjectType_p) throws Exception
iObjectType_p
- ObjecttypeException
Collection getCategories()
Collection getConfiguredCategories()
Collection
of Integer
keys (categories).String getCategoryDisplayName(Locale locale_p, int categorie_p)
locale_p
- Locale to usecategorie_p
- Integer from getCategories() methodCollection getResources(int category_p) throws Exception
category_p
- int categoryException
String getResourceDisplayName(Locale locale_p, int categorie_p, String strID_p)
locale_p
- Locale to usecategorie_p
- Integer from getCategories() methodstrID_p
- String resource IDint getAccessRights(String roleName_p, int category_p, String resourceId_p) throws Exception
roleName_p
- the name of the role to retrieve the access rights forcategory_p
- the category of the resource to retrieve the access rights forresourceId_p
- the ID of the resource to retrieve the access rights forException
ROLE_ACCESS_RIGHT_NOT_ALLOWED
,
ROLE_ACCESS_RIGHT_ALLOWED
,
ROLE_ACCESS_RIGHT_DENIED
void setAccessRights(String roleName_p, int category_p, String resourceId_p, int accessRights_p) throws Exception
roleName_p
- name of the role to set the access rights forcategory_p
- category of the resource to set the access rights forresourceId_p
- ID of the resource to set the access rights foraccessRights_p
- the new access rights to persist as one of the ROLE_ACCESS_RIGHT_ constantsException
ROLE_ACCESS_RIGHT_NOT_ALLOWED
,
ROLE_ACCESS_RIGHT_ALLOWED
,
ROLE_ACCESS_RIGHT_DENIED
void replaceResource(String roleName_p, int category_p, String oldResourceId_p, String newResourceId_p) throws Exception
roleName_p
- category_p
- oldResourceId_p
- newResourceId_p
- Exception
int getAccessMask(String roleName_p, int category_p, String resourceId_p)
roleName_p
- the name of the role to retrieve the access mask forcategory_p
- the category of the resource to retrieve the access mask forresourceId_p
- the ID of the resource to retrieve the access mask forvoid setAccessMask(String roleName_p, int category_p, String resourceId_p, int accessMask_p) throws Exception
roleName_p
- name of the role to set the access mask forcategory_p
- category of the resource to set the access mask forresourceId_p
- ID of the resource to set the access mask foraccessMask_p
- the new access maskException
boolean canExplicitDeny()
boolean canPersistAccessMask()
boolean isGlobalRoleModificationAllowed()
boolean isGlobalRole(String roleName_p)
roleName_p
- the name of the role to checkMap getAccessMaskDescriptions(int category_p)
category_p
- the category to retrieve the flag map forCollection getMasterRoles() throws Exception
Exception
String getMasterRoleDisplayName(Locale locale_p, String strRole_p) throws Exception
locale_p
- Locale to usestrRole_p
- StringException
String getMasterRole() throws Exception
Exception
boolean setMasterRole(String strRole_p) throws Exception
strRole_p
- StringException
boolean hasMasterRoles()
boolean isStaticResourceCategory(int category_p)
category_p
- Copyright © 2014 Alfresco Business Solutions. All Rights Reserved.