public interface ViewAuthorizer
View
Note only user authorization is done by the authorizer class. For non-user based logic, use the
ViewPresentationController
Modifier and Type | Method and Description |
---|---|
boolean |
canEditField(View view,
ViewModel model,
Field field,
String propertyName,
Person user) |
boolean |
canEditGroup(View view,
ViewModel model,
Group group,
String groupId,
Person user) |
boolean |
canEditLine(View view,
ViewModel model,
CollectionGroup collectionGroup,
String collectionPropertyName,
Object line,
Person user) |
boolean |
canEditLineField(View view,
ViewModel model,
CollectionGroup collectionGroup,
String collectionPropertyName,
Object line,
Field field,
String propertyName,
Person user) |
boolean |
canEditView(View view,
ViewModel model,
Person user)
Determines if the given user is authorized to edit the given view
|
boolean |
canEditWidget(View view,
ViewModel model,
Widget widget,
String widgetId,
Person user) |
boolean |
canOpenView(View view,
ViewModel model,
Person user)
Determines if the given user is authorized to open the given view
|
boolean |
canPartialUnmaskField(View view,
ViewModel model,
DataField field,
String propertyName,
Person user)
Checks whether the partial mask authorization exists for the given property and if so whether the given user
has the ability to unmask the value
|
boolean |
canPerformAction(View view,
ViewModel model,
Action action,
String actionEvent,
String actionId,
Person user) |
boolean |
canPerformLineAction(View view,
ViewModel model,
CollectionGroup collectionGroup,
String collectionPropertyName,
Object line,
Action action,
String actionEvent,
String actionId,
Person user) |
boolean |
canUnmaskField(View view,
ViewModel model,
DataField field,
String propertyName,
Person user)
Checks whether the mask authorization exists for the given property and if so whether the given user has the
ability to unmask the value
|
boolean |
canViewField(View view,
ViewModel model,
Field field,
String propertyName,
Person user) |
boolean |
canViewGroup(View view,
ViewModel model,
Group group,
String groupId,
Person user) |
boolean |
canViewLine(View view,
ViewModel model,
CollectionGroup collectionGroup,
String collectionPropertyName,
Object line,
Person user) |
boolean |
canViewLineField(View view,
ViewModel model,
CollectionGroup collectionGroup,
String collectionPropertyName,
Object line,
Field field,
String propertyName,
Person user) |
boolean |
canViewWidget(View view,
ViewModel model,
Widget widget,
String widgetId,
Person user) |
Set<String> |
getActionFlags(View view,
ViewModel model,
Person user,
Set<String> actions)
Returns the set of action flags that are authorized for the given user
|
Set<String> |
getEditModes(View view,
ViewModel model,
Person user,
Set<String> editModes)
Returns the set of edit modes that are authorized for the given user
|
void |
setRequestAuthorizationCache(RequestAuthorizationCache requestAuthorizationCache) |
Set<String> getActionFlags(View view, ViewModel model, Person user, Set<String> actions)
Action flags are created for views to indicate some action or feature should be enabled. These flags can be
used within expressions for configuring the view content.
For example:
For each action flag, KIM is consulted to determine if a permission exist for the template associated with the action flag. If so, a check is then made to determine if the user has that permission. If the permission fails for the user, the action flag is removed from the returned set.
The Set of available action flags should first be exported by the
ViewPresentationController.getActionFlags(View, org.kuali.rice.krad.web.form.UifFormBase)
method. The
set returned from this method will be passed as the method argument here by the framework.
view
- - view instance the action flags apply tomodel
- - object containing the view datauser
- - user we are authorizing the actions foractions
- - set of action flags to authorizeSet<String> getEditModes(View view, ViewModel model, Person user, Set<String> editModes)
An edit mode is a string that identifies a set of editable fields within the view. These are generally used
when the entire view is not editable, but only certain fields. A field can be associated with an edit mode in
two ways. The first is by using the edit mode in an expression when setting the field readOnly property.
For example:
ViewPresentationController.canEditField(View, ViewModel, org.kuali.rice.krad.uif.field.Field, String)
method which can look at the edit modes map on the view to determine if the given field should be editable.
For each edit mode, KIM is consulted to determine if a permission exist for the 'Use View' template and the edit mode detail. If so, a check is then made to determine if the user has that permission. If the permission fails for the user, the edit mode is removed from the returned set.
The Set of available edit modes should first be exported by the
ViewPresentationController.getEditModes(View, org.kuali.rice.krad.web.form.UifFormBase)
method. The
set returned from this method will be passed as the method argument here by the framework.
view
- - view instance the edit modes apply tomodel
- - object containing the view datauser
- - user we are authorizing the actions foreditModes
- - set of edit modes to authorizeboolean canOpenView(View view, ViewModel model, Person user)
view
- - view instance to check authorization formodel
- - object containing the view datauser
- - user to authorizeboolean canEditView(View view, ViewModel model, Person user)
view
- - view instance to check authorization formodel
- - object containing the view datauser
- - user to authorizeboolean canUnmaskField(View view, ViewModel model, DataField field, String propertyName, Person user)
view
- - view instance the field belongs tomodel
- - object containing the view datafield
- - field associated for the property and from which the
ComponentSecurity
will be retrievedpropertyName
- - name of the property associated with the fielduser
- - user we are authorizingboolean canPartialUnmaskField(View view, ViewModel model, DataField field, String propertyName, Person user)
view
- - view instance the field belongs tomodel
- - object containing the view datafield
- - field associated for the property and from which the
ComponentSecurity
will be retrievedpropertyName
- - name of the property associated with the fielduser
- - user we are authorizingboolean canEditField(View view, ViewModel model, Field field, String propertyName, Person user)
boolean canViewField(View view, ViewModel model, Field field, String propertyName, Person user)
boolean canEditGroup(View view, ViewModel model, Group group, String groupId, Person user)
boolean canViewGroup(View view, ViewModel model, Group group, String groupId, Person user)
boolean canEditWidget(View view, ViewModel model, Widget widget, String widgetId, Person user)
boolean canViewWidget(View view, ViewModel model, Widget widget, String widgetId, Person user)
boolean canPerformAction(View view, ViewModel model, Action action, String actionEvent, String actionId, Person user)
boolean canEditLine(View view, ViewModel model, CollectionGroup collectionGroup, String collectionPropertyName, Object line, Person user)
boolean canViewLine(View view, ViewModel model, CollectionGroup collectionGroup, String collectionPropertyName, Object line, Person user)
boolean canEditLineField(View view, ViewModel model, CollectionGroup collectionGroup, String collectionPropertyName, Object line, Field field, String propertyName, Person user)
boolean canViewLineField(View view, ViewModel model, CollectionGroup collectionGroup, String collectionPropertyName, Object line, Field field, String propertyName, Person user)
boolean canPerformLineAction(View view, ViewModel model, CollectionGroup collectionGroup, String collectionPropertyName, Object line, Action action, String actionEvent, String actionId, Person user)
void setRequestAuthorizationCache(RequestAuthorizationCache requestAuthorizationCache)
Copyright © 2005–2016 The Kuali Foundation. All rights reserved.