public interface SecurityEnforcer
extends org.springframework.security.access.AccessDecisionManager
Modifier and Type | Method and Description |
---|---|
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> |
authorize(String operationUrl,
com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase,
PrismObject<O> object,
ObjectDelta<O> delta,
PrismObject<T> target,
OwnerResolver ownerResolver,
OperationResult result)
Evaluates authorization: simply returns if the currently logged it user is authorized for a
specified action.
|
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> |
compileSecurityConstraints(PrismObject<O> object,
OwnerResolver ownerResolver) |
MidPointPrincipal |
getPrincipal()
Returns principal representing the currently logged-in user.
|
UserProfileService |
getUserProfileService() |
boolean |
isAuthenticated() |
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> |
isAuthorized(String operationUrl,
com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase,
PrismObject<O> object,
ObjectDelta<O> delta,
PrismObject<T> target,
OwnerResolver ownerResolver)
Returns true if the currently logged-in user is authorized for specified action, returns false otherwise.
|
<T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> |
preProcessObjectFilter(String operationUrl,
com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase,
Class<T> objectType,
PrismObject<O> object,
ObjectFilter origFilter)
TODO
If it returns NoneFilter then no search should be done.
|
<T> T |
runAs(Producer<T> producer,
PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user) |
<T> T |
runPrivileged(Producer<T> producer) |
void |
setupPreAuthenticatedSecurityContext(org.springframework.security.core.Authentication authentication) |
void |
setupPreAuthenticatedSecurityContext(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user) |
void |
setUserProfileService(UserProfileService userProfileService) |
UserProfileService getUserProfileService()
void setUserProfileService(UserProfileService userProfileService)
void setupPreAuthenticatedSecurityContext(org.springframework.security.core.Authentication authentication)
void setupPreAuthenticatedSecurityContext(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user)
boolean isAuthenticated()
MidPointPrincipal getPrincipal() throws SecurityViolationException
SecurityViolationException
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> boolean isAuthorized(String operationUrl, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase, PrismObject<O> object, ObjectDelta<O> delta, PrismObject<T> target, OwnerResolver ownerResolver) throws SchemaException
phase
- check authorization for a specific phase. If null then all phases are checked.SchemaException
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> void authorize(String operationUrl, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase, PrismObject<O> object, ObjectDelta<O> delta, PrismObject<T> target, OwnerResolver ownerResolver, OperationResult result) throws SecurityViolationException, SchemaException
phase
- check authorization for a specific phase. If null then all phases are checked.SecurityViolationException
SchemaException
<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ObjectSecurityConstraints compileSecurityConstraints(PrismObject<O> object, OwnerResolver ownerResolver) throws SchemaException
SchemaException
<T extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType,O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ObjectFilter preProcessObjectFilter(String operationUrl, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase, Class<T> objectType, PrismObject<O> object, ObjectFilter origFilter) throws SchemaException
SchemaException
<T> T runAs(Producer<T> producer, PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user)
<T> T runPrivileged(Producer<T> producer)
Copyright © 2016 evolveum. All rights reserved.