| Home >> All >> com >> RuntimeCollective >> [ permission Javadoc ] |
• com.RuntimeCollective.permission: Javadoc index of package com.RuntimeCollective.permission.
Package Samples:
• com.RuntimeCollective.permission.bean: The Permission module provides support for much more flexible Permission logic than webapps.bean.PermissionBean .
• com.RuntimeCollective.permission.action
• com.RuntimeCollective.permission.form
• com.RuntimeCollective.permission.tag
• com.RuntimeCollective.permission.test
Classes:
• PermissionFilter: A singleton Filter which constrains access to URLs using PermissionRules. At the moment, the filter supports three checks for each path: whether the user is in 1 of many UserGroups, specified by their names whether the user is in a (any) group belonging to a given UserGroupType, specified by name whether the request matches a given IP address pattern (Perl5, as in Jakarta ORO) whether the request matches, or ends in, a given domain (only complete components are matched, e.g. "apache.org" will match "foo.apache.org", but not "fooapache.org") whether the user is cleared by a PermissionRule, specified ...
• Permissible: Interface to implement if you want the access to your object to be constrained by PermissionRules. If you want to be spared the hassle of writing JSPs to assign PermissionRules to your Permissible objects, do have a look at the pages written for the Sussex Enterprise project. You can find them by checking out the relevent project: "cvs co rsework", then look in rsework/web/admin. The page is called publishPage-step3.jsp, and is part of the publishing process (Publishable is a subclass of Permissible). The rsework/struts-config.xml file is also worth checking, for the action mappings etc. And while ...
• PermissibleAction: PermissibleActions can be extended to restrict the execution of the action to those users with suitable status. Additional constraints may be placed on the requesting user by overriding checkPermissions() . Returns: DENIED - if the user does not have sufficient status to perform this action. NOT_AUTH - if the browser must be authenticated as a user for the permissions to be checked but has not yet been authenticated in this session.
• HasNoPermissionTag: Evalute the nested body content of this tag if the currently logged on user DOES NOT have permission to perform the specified action on the specified bean. The user is taken from the session using key RuntimeParameters.get("logonUserKey"). If no user is logged on, then permission is refused (and the body IS evaluated). This tag takes two compulsory parameters: permissible - the name of the Permissible bean on which an action maybe be performed. action - the action (eg "view") to be performed
• HasNoTreePermissionTag: Evalute the nested body content of this tag if the currently logged on user doesn't have permissions to perform the specified action on the EntityBean of the specified TreeExtension, and on its parents. The bean and its parents should have PermissibleExtensions. This method calls TreeExtension.canPerformAction(). This tag takes two compulsory parameters: treeExtension - the name of the TreeExtension bean on which an action maybe be performed. action - the action (eg "view") to be performed
• HasTreePermissionTag: Evalute the nested body content of this tag if the currently logged on user has permissions to perform the specified action on the EntityBean of the specified TreeExtension, and on its parents. The bean and its parents should have PermissibleExtensions. This method calls TreeExtension.canPerformAction(). This tag takes two compulsory parameters: treeExtension - the name of the TreeExtension bean on which an action maybe be performed. action - the action (eg "view") to be performed
• UserGroupPermissionRuleFactory: A factory for creating PermissionRules for user groups. This implementation assumes a one-to-one mapping between group combinations and rules. That is, for any given combination of groups, such as group ids X, Y and Z, there is only one UserGroupPermissionRule with these groups. The order of X, Y and Z is irrelevent. This class was refactored, it used to support single groups only; now we support combinations of groups. This all reduces the number of objects we are dealing with.
• HasPermissionTag: Evalute the nested body content of this tag if the currently logged on user has permissions to perform the specified action on the specified bean. The user is taken from the session using key RuntimeParameters.get("logonUserKey"). If no user is logged on, then permission is refused. This tag takes two compulsory parameters: permissible - the name of the Permissible bean on which an action maybe be performed. action - the action (eg "view") to be performed
• CheckPermissionTag: Check the permission of the current Session on a given Permissible, eventually redirecting to an AuthorisationPage (defined by the AuthorisationPathForAction property of the bean). This tag takes two compulsory parameters: permissible - the name of the Permissible bean on which an action maybe be performed action - the action (eg "view") to be performed
• CheckTreePermissionTag: Check the permission of the current Session on a given TreeExtension's EntityBean, and all its parents. All EntityBeans should have a PermissibleExtension. This tag takes two compulsory parameters: treeExtension - the name of the TreeExtension on whose EntityBean on which an action maybe be performed action - the action (eg "view") to be performed
• SimplePermissionRule: A very simple implementation of PermissionRule. It only uses permission criteria from the Webapps module, that is, for now: - whether the user has logged in One can extend this class and adds a Role criterion when we have decided on how we're going to do that Role mechanism.
• UserGroupPermissibleForm: Form to configure several actions of a Permissible, by choosing one or many UserGroups from a list. This is similar to PermissibleUserGroupPermissionRuleForm, but much more flexible. Caveat: selecting no groups for an action means all users are accepted.
• PermissibleForm: PermissibleForm represents an ActionForm which allows property level permission checking. Use this class with caution. Property level permission checking is likely to be slow and probably isn't a good idea at all.
• UserGroupPermissibleAction: Action to set the UserGroup permissions of a Permissible, for all actions. See UserGroupPermissibleForm. Caveat: selecting no groups for an action means all users are accepted.
• AdminEditorAction: An action which ensures the user is in an Admin/Editor group type, whose name is specified in web.xml under the attribute name defined by UG_TYPE_PARAM.
• AdminAction: An action which ensures the user is in the Admin group, whose name is specified in web.xml under the attribute name defined by ADMIN_GROUP_NAME_PARAM.
• PermissionException: The subclass of RuntimeException which should be thrown by classes in the Permission module when they meet some kind of problem.
• NewPermissionTest: This is the Permission test methods, configured in the new way. It requires several sysproperties: logonPath, relogonPath.
• EditPermissibleUserGroupPermissionRuleAction: Implementation of Action to edit the PermissionRule of a Permissible, using UserGroupPermissionRules.
• PermissibleUserGroupPermissionRuleForm: A form for setting the Permissions of a PermissibleBean for a given action, by choosing one UserGroup from a list.
• PermissionRule: Interface that defines a permission ruls, which determines whether a user has access to some part of the system.
• PermissibleExtensionTest: Test class for PermissibleExtension. $Id: PermissibleExtensionTest.java,v 1.3 2003/09/30 15:12:51 joe Exp $
• AddGroupToPermission: Implementation of Action that adds (or removes) a user group to a UserGroupPermissionRule
• UserGroupPermissionRule: A permission rule whose behaviour depends on whether the user is a member of a group
• PermissibleExtension: An extension which can be used to stick the Permissible behaviour to any bean.
| Home | Contact Us | Privacy Policy | Terms of Service |