DocumentSecurityHandlerService

Name	DocumentSecurityHandler
Version
Included Services
Java Package	org.kuali.rice.kew.framework.document.security

Main Message Structures

Method getAuthorizedDocumentIds

Description Returns a list of document ids from the given list of document security directives for which the principal with
the given principal id is allowed to view. Any document which is passed to this method as part of a document
security directive which is not included in the list of document ids that is returned from this method should
not be presented to the principal with the given principal id.

This method essentially invokes
{@link DocumentSecurityAttribute#isAuthorizedForDocument(String, org.kuali.rice.kew.api.document.Document)}
method for each of the security attributes supplied in the document security directives, passing the associated
list of document ids.

Parameters String principalId the id of the principal against which to perform the authorization

DocumentSecurityDirectiveList documentSecurityDirectives the list of security directives which define the documents which should be
checked for authorization and the name of the {@code DocumentSecurityAttribute} extensions against which to
execute the authorization check.

Return StringList the list of document ids from the given document security directives for which the given principal is
authorized, if a null or empty list is returned, that means that the given principal is not authorized to view
information about any of the documents

Errors RiceIllegalArgumentException if the given principalId is a null or blank value

Method	getAuthorizedDocumentIds
Description	Returns a list of document ids from the given list of document security directives for which the principal with the given principal id is allowed to view. Any document which is passed to this method as part of a document security directive which is not included in the list of document ids that is returned from this method should not be presented to the principal with the given principal id. This method essentially invokes {@link DocumentSecurityAttribute#isAuthorizedForDocument(String, org.kuali.rice.kew.api.document.Document)} method for each of the security attributes supplied in the document security directives, passing the associated list of document ids.
Parameters	String	principalId	the id of the principal against which to perform the authorization
DocumentSecurityDirectiveList	documentSecurityDirectives	the list of security directives which define the documents which should be checked for authorization and the name of the {@code DocumentSecurityAttribute} extensions against which to execute the authorization check.
Return	StringList	the list of document ids from the given document security directives for which the given principal is authorized, if a null or empty list is returned, that means that the given principal is not authorized to view information about any of the documents
Errors	RiceIllegalArgumentException	if the given principalId is a null or blank value

Back to Operations