Package org.apache.ofbiz.security
Interface Security
-
public interface Security
Security interface. This interface defines authorization-related methods.Implementations must be thread-safe because the instance will be shared among multiple threads.
Note that the API is changing. New versions might not reference a
Delegator
. Therefore, implementations requiring aDelegator
reference should get one from theGenericValue
method argument.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Deprecated Methods Modifier and Type Method Description void
clearUserData(GenericValue userLogin)
Clears any user-related cached data.java.util.Iterator<GenericValue>
findUserLoginSecurityGroupByUserLoginId(java.lang.String userLoginId)
Deprecated.No replacement.Delegator
getDelegator()
Deprecated.No replacement.boolean
hasEntityPermission(java.lang.String entity, java.lang.String action, javax.servlet.http.HttpSession session)
Like hasPermission above, except it has functionality specific to Entity permissions.boolean
hasEntityPermission(java.lang.String entity, java.lang.String action, GenericValue userLogin)
Like hasPermission above, except it has functionality specific to Entity permissions.boolean
hasPermission(java.lang.String permission, javax.servlet.http.HttpSession session)
Checks to see if the currently logged in userLogin has the passed permission.boolean
hasPermission(java.lang.String permission, GenericValue userLogin)
Checks to see if the userLogin has the passed permission.boolean
hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.lang.String role, javax.servlet.http.HttpSession session)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.boolean
hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.lang.String role, GenericValue userLogin)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.boolean
hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.util.List<java.lang.String> roles, javax.servlet.http.HttpSession session)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.boolean
hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.util.List<java.lang.String> roles, GenericValue userLogin)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.boolean
securityGroupPermissionExists(java.lang.String groupId, java.lang.String permission)
Deprecated.No replacement.void
setDelegator(Delegator delegator)
Deprecated.No replacement.
-
-
-
Method Detail
-
getDelegator
@Deprecated Delegator getDelegator()
Deprecated.No replacement.
-
setDelegator
@Deprecated void setDelegator(Delegator delegator)
Deprecated.No replacement.
-
findUserLoginSecurityGroupByUserLoginId
@Deprecated java.util.Iterator<GenericValue> findUserLoginSecurityGroupByUserLoginId(java.lang.String userLoginId)
Deprecated.No replacement.Uses userLoginSecurityGroupByUserLoginId cache to speed up the finding of the userLogin's security group list.- Parameters:
userLoginId
- The userLoginId to find security groups by- Returns:
- An iterator made from the Collection either cached or retrieved from the database through the UserLoginSecurityGroup Delegator.
-
securityGroupPermissionExists
@Deprecated boolean securityGroupPermissionExists(java.lang.String groupId, java.lang.String permission)
Deprecated.No replacement.Finds whether or not a SecurityGroupPermission row exists given a groupId and permission. The groupId,permission pair is cached instead of the userLoginId,permission pair to keep the cache small and to make it more changeable.- Parameters:
groupId
- The ID of the grouppermission
- The name of the permission- Returns:
- boolean specifying whether or not a SecurityGroupPermission row exists
-
hasPermission
boolean hasPermission(java.lang.String permission, javax.servlet.http.HttpSession session)
Checks to see if the currently logged in userLogin has the passed permission.- Parameters:
permission
- Name of the permission to check.session
- The current HTTP session, contains the logged in userLogin as an attribute.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasPermission
boolean hasPermission(java.lang.String permission, GenericValue userLogin)
Checks to see if the userLogin has the passed permission.- Parameters:
permission
- Name of the permission to check.userLogin
- The userLogin object for user to check against.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasEntityPermission
boolean hasEntityPermission(java.lang.String entity, java.lang.String action, javax.servlet.http.HttpSession session)
Like hasPermission above, except it has functionality specific to Entity permissions. Checks the entity for the specified action, as well as for "_ADMIN" to allow for simplified general administration permission.- Parameters:
entity
- The name of the Entity corresponding to the desired permission.action
- The action on the Entity corresponding to the desired permission.session
- The current HTTP session, contains the logged in userLogin as an attribute.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasEntityPermission
boolean hasEntityPermission(java.lang.String entity, java.lang.String action, GenericValue userLogin)
Like hasPermission above, except it has functionality specific to Entity permissions. Checks the entity for the specified action, as well as for "_ADMIN" to allow for simplified general administration permission.- Parameters:
entity
- The name of the Entity corresponding to the desired permission.action
- The action on the Entity corresponding to the desired permission.userLogin
- The userLogin object for user to check against.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasRolePermission
boolean hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.lang.String role, javax.servlet.http.HttpSession session)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.- Parameters:
application
- The name of the application corresponding to the desired permission.action
- The action on the application corresponding to the desired permission.primaryKey
- The primary key for the role check.role
- The roleTypeId which the user must validate with.session
- The current HTTP session, contains the logged in userLogin as an attribute.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasRolePermission
boolean hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.lang.String role, GenericValue userLogin)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.- Parameters:
application
- The name of the application corresponding to the desired permission.action
- The action on the application corresponding to the desired permission.primaryKey
- The primary key for the role check.role
- The roleTypeId which the user must validate with.userLogin
- The userLogin object for user to check against.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasRolePermission
boolean hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.util.List<java.lang.String> roles, GenericValue userLogin)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.- Parameters:
application
- The name of the application corresponding to the desired permission.action
- The action on the application corresponding to the desired permission.primaryKey
- The primary key for the role check.roles
- List of roleTypeId of which the user must validate with (ORed).userLogin
- The userLogin object for user to check against.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
hasRolePermission
boolean hasRolePermission(java.lang.String application, java.lang.String action, java.lang.String primaryKey, java.util.List<java.lang.String> roles, javax.servlet.http.HttpSession session)
Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified general administration permission, but also checks action_ROLE and validates the user is a member for the application.- Parameters:
application
- The name of the application corresponding to the desired permission.action
- The action on the application corresponding to the desired permission.primaryKey
- The primary key for the role check.roles
- List of roleTypeId of which the user must validate with (ORed).session
- The current HTTP session, contains the logged in userLogin as an attribute.- Returns:
- Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
-
clearUserData
void clearUserData(GenericValue userLogin)
Clears any user-related cached data. This method is called by the framework to indicate a user has logged out. Implementations should clear any cached data related to the user.- Parameters:
userLogin
- The user login to be cleared
-
-