...
Code Block |
---|
|
// User methods
public void createUser(String userLoginId, String password);
public void updateUser(String userLoginId, String password);
public void deleteUser(String userLoginId);
// User Group methods
public String createUserGroup(String description);
public void updateUserGroup(String userGroupId, String description);
public void deleteUserGroup(String userGroupId);
// User Group Assignment methods
public void assignUserToGroup(String userLoginId, String userGroupId);
public void deleteUserFromGroup(String userLoginId, String userGroupId);
public void assignGroupToGroup(String childGroupId, String parentGroupId);
public void deleteGroupFromGroup(String childGroupId, String parentGroupId);
// Permission Assignment methods
public void assignUserPermission(String userLoginId, String artifactId, Permission permission);
public void deleteUserPermission(String userLoginId, String artifactId, Permission permission);
public void assignGroupPermission(String userGroupId, String artifactId, Permission permission);
public void deleteGroupPermission(String userGroupId, String artifactId, Permission permission);
// Get the access controller for an artifact/user combination
public AccessController getAccessController (ExecutionContext executionContext);
|
All methods throw java.security.GeneralSecurityException. The Permission class is from the java.security package, and the AccessController interface is similar to the AccessController class in the java.security package:
Code Block |
---|
|
package org.ofbiz.base.authorization;
public interface AccessController {
public void checkPermission(Permission permission) throws AccessControlException;
public void checkPermission(Permission permission, ArtifactPath artifactPath) throws AccessControlException;
public <E> List<E> applyFilters(List<E> list);
public <E> ListIterator<E> applyFilters(ListIterator<E> list);
}
|
Artifacts will check permissions in two steps:
- Get an AccessController instance from the Authorization Manager ThreadContext by calling the getAccessController method
- Call the checkPermission method with the desired permission(s)
Code Block |
---|
|
// An artifact update method
public void doUpdateTask(ExecutionContext executionContext) throws AccessControlException {
AuthorizationManager security = executionContext.getSecurity();
AccessController accessController = security.getAccessController();
accessControllerThreadContext.getAccessController().checkPermission(new UpdatePermission());
...
}
|