Package org.apache.wicket.authroles.authorization.strategies.role.metadata

Class MetaDataRoleAuthorizationStrategy

  • All Implemented Interfaces:
    IAuthorizationStrategy
    public class MetaDataRoleAuthorizationStrategy
extends AbstractRoleAuthorizationStrategy
    Strategy that uses the Wicket metadata facility to check authorization. The static authorize methods are for authorizing component actions and component instantiation by role. This class is the main entry point for users wanting to use the roles-based authorization of the wicket-auth-roles package based on wicket metadata. For instance, use like: 
     MetaDataRoleAuthorizationStrategy.authorize(myPanel, RENDER, "ADMIN");
    for actions on component instances, or: 
     MetaDataRoleAuthorizationStrategy.authorize(AdminBookmarkablePage.class, "ADMIN");
    for doing role based authorization for component instantation.
    Author:
    Eelco Hillenius, Jonathan Locke
    See Also:
    MetaDataKey

    • Method Detail

      • authorize

        public static <T extends Component> void authorize​(Class<T> componentClass,
                                                   String roles)
        Authorizes the given role to create component instances of type componentClass. This authorization is added to any previously authorized roles.
        Type Parameters:
        T -
        Parameters:
        componentClass - The component type that is subject for the authorization
        roles - The comma separated roles that are authorized to create component instances of type componentClass

      • authorize

        public static void authorize​(Component component,
                             Action action,
                             String roles)
        Authorizes the given role to perform the given action on the given component.
        Parameters:
        component - The component that is subject to the authorization
        action - The action to authorize
        roles - The comma separated roles to authorize

      • authorizeAll

        public static <T extends Component> void authorizeAll​(Class<T> componentClass)
        Grants permission to all roles to create instances of the given component class.
        Type Parameters:
        T -
        Parameters:
        componentClass - The component class

      • authorizeAll

        public static void authorizeAll​(Component component,
                                Action action)
        Grants permission to all roles to perform the given action on the given component.
        Parameters:
        component - The component that is subject to the authorization
        action - The action to authorize

      • unauthorize

        public static <T extends Component> void unauthorize​(Class<T> componentClass,
                                                     String roles)
        Removes permission for the given roles to create instances of the given component class. There is no danger in removing authorization by calling this method. If the last authorization grant is removed for a given componentClass, the internal role NO_ROLE will automatically be added, effectively denying access to all roles (if this was not done, all roles would suddenly have access since no authorization is equivalent to full access).
        Type Parameters:
        T -
        Parameters:
        componentClass - The component type
        roles - The comma separated list of roles that are no longer to be authorized to create instances of type componentClass

      • unauthorize

        public static void unauthorize​(Component component,
                               Action action,
                               String roles)
        Removes permission for the given role to perform the given action on the given component. There is no danger in removing authorization by calling this method. If the last authorization grant is removed for a given action, the internal role NO_ROLE will automatically be added, effectively denying access to all roles (if this was not done, all roles would suddenly have access since no authorization is equivalent to full access).
        Parameters:
        component - The component
        action - The action
        roles - The comma separated list of roles that are no longer allowed to perform the given action

      • unauthorizeAll

        public static <T extends Component> void unauthorizeAll​(Class<T> componentClass)
        Grants authorization to instantiate the given class to just the role NO_ROLE, effectively denying all other roles.
        Type Parameters:
        T -
        Parameters:
        componentClass - The component class

      • unauthorizeAll

        public static void unauthorizeAll​(Component component,
                                  Action action)
        Grants authorization to perform the given action to just the role NO_ROLE, effectively denying all other roles.
        Parameters:
        component - the component that is subject to the authorization
        action - the action to authorize