Package com.polarion.platform.security

Class Permission

java.lang.Object
com.polarion.platform.security.Permission
All Implemented Interfaces:
IPermission
Direct Known Subclasses:
AdministrationPermission, ChangePasswordPermission, DownloadFromBIRPermission, LoginPermission, ReportPermission, UserManagementPermission
public class Permission extends Object implements IPermission
This is the basic IPermission implementation. All other implementations must extend this class.

Every implementation must provide public constructor with String parameter, so that the permissions can be automatically constructed by the security framework.

The implementators are expected to override the getParentPermissions() and getDynamicRoles(String) methods, but might not override the equals(Object) and hashCode() methods, which must be based solely on the name comparison in order to work.

Author:
dobisekm

  • Field Details

    • name

      @NotNull public final String name

  • Constructor Details

    • Permission

      public Permission(@NotNull String name)

  • Method Details

    • getName

      @NotNull public String getName()
      Description copied from interface: IPermission
      The permission's name. Permission names are typically dot '.' separated series of strings (e.g. as packege+class names).
      Specified by:
      getName in interface IPermission
      Returns:
      The name, never null.

    • getParentPermissions

      @NotNull public IPermission[] getParentPermissions()
      Description copied from interface: IPermission
      The collection of permissions, to which the decision about this permission is granted, if there is no record for exactly this permission.

      For permission to be granted, none of it's parents can be denied and at least one of them must be granted. The rest can be either undefined or granted.

      Specified by:
      getParentPermissions in interface IPermission
      Returns:
      array of IPermissions (not null)

    • getDynamicRoles

      @NotNull public Collection<String> getDynamicRoles(@Nullable String user)
      Description copied from interface: IPermission
      Returns the collection of role IDs of dynamic roles associated with this particular permission.

      Dynamic roles are determined by particular permission data and by the relationship between the data and the user. The permission is allowed to perform operations which may lead to the test of the same permission - clients of this method must be aware of it.

      Specified by:
      getDynamicRoles in interface IPermission
      Parameters:
      user - name of current user
      Returns:
      Empty Collection if there are no dynamic roles, or collection of String role Ids.

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • isInCustomSet

      @Nullable public Boolean isInCustomSet(@Nullable String customSet)
      Description copied from interface: IPermission
      Checks if the permission of the concrete object is in the provided custom set. A custom set is a Lucene query which groups a permission to all objects satisfying the query.
      Specified by:
      isInCustomSet in interface IPermission
      Parameters:
      customSet - - the custom set (Lucene query syntax)
      Returns:
      true if the IPObject inside the permission satisfies the query (belongs to that customSet), false if custom set is null or object does not belong to the custom set. null if the caller should assume that the information cannot be determined
      Since:
      3.8.1

    • denied

      @NotNull public PermissionDeniedException denied(@Nullable String user, @NotNull IPermission originalPermission, @Nullable IContextId contextId)
      Since:
      3.8.2