Module org.apache.wicket.auth.roles
Package org.apache.wicket.authroles.authorization.strategies.role.metadata

Class ActionPermissions

java.lang.Object
org.apache.wicket.authroles.authorization.strategies.role.metadata.ActionPermissions
All Implemented Interfaces:
Serializable, IClusterable
public final class ActionPermissions extends Object implements IClusterable
For each Action, holds a set of roles that can perform that action. Roles can be granted access to a given action via authorize(Action, String role) and denied access via unauthorize(Action, String role). All permissions can be removed for a given action via authorizeAll(Action).
Author:
Eelco Hillenius, Jonathan Locke
See Also:

  • Constructor Details

  • Method Details

    • authorize

      public final void authorize(Action action, Roles rolesToAdd)
      Gives permission for the given roles to perform the given action
      Parameters:
      action - The action
      rolesToAdd - The roles

    • authorizeAll

      public final void authorizeAll(Action action)
      Remove all authorization for the given action.
      Parameters:
      action - The action to clear

    • rolesFor

      public final Roles rolesFor(Action action)
      Gets the roles that have a binding for the given action.
      Parameters:
      action - The action
      Returns:
      The roles authorized for the given action

    • unauthorize

      public final void unauthorize(Action action, Roles rolesToRemove)
      Remove the given authorized role from an action. Note that this is only relevant if a role was previously authorized for that action. If no roles where previously authorized the effect of the unauthorize call is that no roles at all will be authorized for that action.
      Parameters:
      action - The action
      rolesToRemove - The comma separated list of roles to remove