Package org.dspace.app.rest.security

Class EPersonRestPermissionEvaluatorPlugin

java.lang.Object

org.dspace.app.rest.security.RestObjectPermissionEvaluatorPlugin

org.dspace.app.rest.security.EPersonRestPermissionEvaluatorPlugin

All Implemented Interfaces:

RestPermissionEvaluatorPlugin

@Component
public class EPersonRestPermissionEvaluatorPlugin
extends RestObjectPermissionEvaluatorPlugin

An authenticated user is allowed to view, update or delete his or her own data. This RestPermissionEvaluatorPlugin implements that requirement.

Constructor Summary

Constructors

Constructor	Description
EPersonRestPermissionEvaluatorPlugin()

Method Summary

Modifier and Type	Method	Description
boolean	hasDSpacePermission(org.springframework.security.core.Authentication authentication, Serializable targetId, String targetType, DSpaceRestPermission permission)	Plugins must implement this method to receive RestPermissionEvaluatorPlugin hasPermission requests.
boolean	hasPatchPermission(org.springframework.security.core.Authentication authentication, Serializable targetId, String targetType, Patch patch)	Checks permissions for Patch requests.

Methods inherited from class org.dspace.app.rest.security.RestObjectPermissionEvaluatorPlugin

hasPermission, hasPermission

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EPersonRestPermissionEvaluatorPlugin

public EPersonRestPermissionEvaluatorPlugin()

Method Detail

hasDSpacePermission

public boolean hasDSpacePermission(org.springframework.security.core.Authentication authentication,
                                   Serializable targetId,
                                   String targetType,
                                   DSpaceRestPermission permission)

Description copied from class: RestObjectPermissionEvaluatorPlugin

Plugins must implement this method to receive RestPermissionEvaluatorPlugin hasPermission requests.

Specified by:

hasDSpacePermission in class RestObjectPermissionEvaluatorPlugin

Parameters:

authentication - Authentication object providing user details of the authenticated user

targetId - Unique identifier of the target object the user wants to view or manipulate

targetType - Type of the target object the users wants to view or manipulate

permission - Permission object that describes the action the user wants to perform on the target object

Returns:

true if the user is allowed to perform the action described by the permission. False otherwise.

hasPatchPermission

public boolean hasPatchPermission(org.springframework.security.core.Authentication authentication,
                                  Serializable targetId,
                                  String targetType,
                                  Patch patch)

Description copied from class: RestObjectPermissionEvaluatorPlugin

Checks permissions for Patch requests. Override the default implementation in plugins that require this capability.

Overrides:

hasPatchPermission in class RestObjectPermissionEvaluatorPlugin

Parameters:

authentication - Authentication object providing user details of the authenticated user

targetId - Unique identifier of the target object the user wants to view or manipulate

targetType - Type of the target object the users wants to view or manipulate

patch - The Patch instance

Returns:

true if the user is allowed to perform the action described by the permission. False otherwise