Versions Compared

Old Version 3

changes.mady.by.user Unknown User (adrianc@hlmksw.com)

Saved on

compared with

New Version 4

changes.mady.by.user Unknown User (adrianc@hlmksw.com)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
java
java
// User methods
public void createUser(GenericValue userLoginString userLoginId, String password);
public void updateUser(GenericValue userLoginString userLoginId, String password);
public void deleteUser(GenericValueString userLoginuserLoginId);

// User Group methods
public String createUserGroup(String description);
public void updateUserGroup(String userGroupId, String description);
public void deleteUserGroup(String userGroupId);

// User Group Assignment methods
public Stringvoid assignUserToGroup(String userLoginId, String userGroupId);
public void deleteUserFromGroup(String userLoginId, String userGroupId);
public Stringvoid assignGroupToGroup(String childGroupId, String parentGroupId);
public void deleteGroupFromGroup(String childGroupId, String parentGroupId);

// Permission Assignment methods
public void assignUserPermission(String userLoginId, String artifactId, Permission permission);
public void deleteUserPermission(String userLoginId, String artifactId, Permission permission);
public void assignGroupPermission(String userGroupId, String artifactId, Permission permission);
public void deleteGroupPermission(String userGroupId, String artifactId, Permission permission);

// Get permissions
public AccessController getUserPermissions(GenericValue userLogin, String artifactId);

All methods throw java.security.GeneralSecurityException. The Permission class is from the java.security package, and the AccessController interface is similar to the AccessController class in the java.security package:

Code Block
java
java

package org.ofbiz.security;

public interface AccessController {

    public void checkPermission(Permission permission) throws AccessControlException;

}

Artifacts will check permissions in two steps:
#Get an AccessController instance from Security by calling the getUserPermissions method
#Call the checkPermission method with the desired permission

Code Block
java
java

    // An artifact update method
    public void doUpdateTask(ExecutionContext context) throws AccessControlException {
        Security security = context.getSecurity();
        AccessController accessController = security.getUserPermissions(context.getUserLogin(), this.getArtifactId(context));
        accessController.checkPermission(new UpdatePermission());
        ...
    }