Interface SecurityManager

All Known Implementing Classes:
DefaultSecurityManager

public interface SecurityManager
The SecurityManager applies security rules to PersistentDomainObjects or classes and grants or denies permissions.
Author:
harald
  • Method Details

    • evaluate

      SecurityResult evaluate(DomainContext context, Permission permission, int objectClassId, long objectId)
      Checks a permission for a PDO or a PDO class.
      Parameters:
      context - the domain context
      permission - the requested permission
      objectClassId - the object class id
      objectId - the identifiable id, 0 for all PDOs of that class
      Returns:
      the SecurityResult
    • evaluate

      SecurityResult evaluate(DomainContext context, Permission permission, Class<?> clazz)
      Checks a permission for a non-PDO class.
      Parameters:
      context - the domain context
      permission - the requested permission
      clazz - the class
      Returns:
      the SecurityResult
    • invalidate

      void invalidate()
      Invalidate the manager.
      The next request will re-initialize it.
    • removeObsoleteRules

      void removeObsoleteRules(Session session)
      Removes obsolete rules.

      Since the model has no relation to the security implementation, security rules may become obsolete if PDOs are deleted. This method will remove such obsolete rules.

      Parameters:
      session - the session
    • isEnabled

      boolean isEnabled()
      Determines whether this manager is enabled.
      Returns:
      true if enabled.
    • setEnabled

      void setEnabled(boolean enabled)
      Enables or disables this security manager.
      Parameters:
      enabled - true to enable the security manager
      See Also:
    • isAcceptByDefault

      boolean isAcceptByDefault()
      Determines whether this manager accepts by default.
      Returns:
      true to accept if no matching rule is found
    • setAcceptByDefault

      void setAcceptByDefault(boolean acceptByDefault)
      Sets the default behaviour for "no rules found" for the SecurityResult to "accepted". This is the default.

      Notice: setting both acceptByDefault and denyByDefault to false will return "neither accepted nor denied" security results if no rules fire.

      Parameters:
      acceptByDefault - true if SecurityResult.isAccepted() returns true if no rules found.