public class DefaultPolicyService extends OnContextRefreshedEventListener implements PolicyService
PolicyService
which is configured with all Policy
instances
which are discovered in the Spring context and only focuses on a small
subset of IObject
types as specified by filterObject(IObject)
.Constructor and Description |
---|
DefaultPolicyService() |
Modifier and Type | Method and Description |
---|---|
void |
checkRestriction(java.lang.String name,
ome.model.IObject obj)
Give each configured
Policy instance the chance to throw a
SecurityViolation from its
Policy.checkRestriction(IObject) method. |
protected boolean |
filterObject(ome.model.IObject obj)
Limit the objects to which
Policy instances are applied. |
void |
handleContextRefreshedEvent(org.springframework.context.event.ContextRefreshedEvent event)
Loads all
Policy instances from the context,
and uses them to initialize this PolicyService . |
boolean |
isRestricted(java.lang.String name,
ome.model.IObject obj)
Ask each configured
Policy instance with the given name argument
if it considers the restriction active for the given IObject
argument. |
java.util.Set<java.lang.String> |
listActiveRestrictions(ome.model.IObject obj)
Return all identifier strings as would be passed as the first argument to
PolicyService.isRestricted(String, IObject) or
PolicyService.checkRestriction(String, IObject) which considers
itself active for the given argument. |
java.util.Set<java.lang.String> |
listAllRestrictions()
Return all configured identifier strings as would be passed as the first
argument to
PolicyService.isRestricted(String, IObject) or
PolicyService.checkRestriction(String, IObject) . |
onApplicationEvent, setApplicationContext
public void handleContextRefreshedEvent(org.springframework.context.event.ContextRefreshedEvent event)
Policy
instances from the context,
and uses them to initialize this PolicyService
.handleContextRefreshedEvent
in class OnContextRefreshedEventListener
public boolean isRestricted(java.lang.String name, ome.model.IObject obj)
PolicyService
Policy
instance with the given name argument
if it considers the restriction active for the given IObject
argument. If any are active, return true.isRestricted
in interface PolicyService
name
- non-null identifier of a class of Policy
instances.obj
- non-null "context" for this check.Policy
returns true from
Policy.isRestricted(IObject)
.public void checkRestriction(java.lang.String name, ome.model.IObject obj)
PolicyService
Policy
instance the chance to throw a
SecurityViolation
from its
Policy.checkRestriction(IObject)
method.checkRestriction
in interface PolicyService
name
- non-null identifier of a class of Policy
instances.obj
- non-null "context" for this check.public java.util.Set<java.lang.String> listAllRestrictions()
PolicyService
PolicyService.isRestricted(String, IObject)
or
PolicyService.checkRestriction(String, IObject)
.listAllRestrictions
in interface PolicyService
public java.util.Set<java.lang.String> listActiveRestrictions(ome.model.IObject obj)
PolicyService
PolicyService.isRestricted(String, IObject)
or
PolicyService.checkRestriction(String, IObject)
which considers
itself active for the given argument.listActiveRestrictions
in interface PolicyService
obj
- non-null context passed to each Policy
instance.Permissions.copyExtendedRestrictions()
.protected boolean filterObject(ome.model.IObject obj)
Policy
instances are applied. This
reduces the overhead of creating a HashSet
for every object in
a returned graph.obj
- e.g. the argument to listActiveRestrictions(IObject)
.