Package org.dspace.app.rest.security

Class RestObjectPermissionEvaluatorPlugin

java.lang.Object
org.dspace.app.rest.security.RestObjectPermissionEvaluatorPlugin
All Implemented Interfaces:
RestPermissionEvaluatorPlugin
Direct Known Subclasses:
AdminRestPermissionEvaluatorPlugin, AuthorizeServicePermissionEvaluatorPlugin, BitstreamMetadataReadPermissionEvaluatorPlugin, ClaimedTaskRestPermissionEvaluatorPlugin, DSpaceObjectAdminPermissionEvaluatorPlugin, EPersonRestPermissionEvaluatorPlugin, GroupRestPermissionEvaluatorPlugin, OrcidHistorySendToOrcidRestPermissionEvaluatorPlugin, OrcidQueueAndHistoryRestPermissionEvaluatorPlugin, OrcidQueueSearchRestPermissionEvaluatorPlugin, PoolTaskRestPermissionEvaluatorPlugin, ProcessRestPermissionEvaluatorPlugin, ReadAuthorizationPermissionEvaluatorPlugin, ResearcherProfileRestPermissionEvaluatorPlugin, ResourcePolicyAdminPermissionEvalutatorPlugin, ResourcePolicyRestPermissionEvaluatorPlugin, SubmissionCCLicenseRestEvaluatorPlugin, SubmissionCCLicenseUrlRestPermissionEvaluatorPlugin, SubscriptionRestPermissionEvaluatorPlugin, TemplateItemRestPermissionEvaluatorPlugin, UsageReportRestPermissionEvaluatorPlugin, VersionHistoryRestPermissionEvaluatorPlugin, VersionRestPatchPermissionEvaluatorPlugin, VersionRestPermissionEvaluatorPlugin, WorkflowRestPermissionEvaluatorPlugin, WorkspaceItemRestPermissionEvaluatorPlugin
public abstract class RestObjectPermissionEvaluatorPlugin extends Object implements RestPermissionEvaluatorPlugin
Abstract RestPermissionEvaluatorPlugin class that contains utility methods to evaluate permissions for a Rest Object.

  • Constructor Details

    • RestObjectPermissionEvaluatorPlugin

      public RestObjectPermissionEvaluatorPlugin()

  • Method Details

    • hasPermission

      public boolean hasPermission(org.springframework.security.core.Authentication authentication, Object targetDomainObject, Object permission)
      Utility implementation to make the implementation of Rest Object Permission evaluator plugins more easy.
      Specified by:
      hasPermission in interface RestPermissionEvaluatorPlugin
      Parameters:
      authentication - represents the user in question. Should not be null.
      targetDomainObject - the domain object for which permissions should be checked. May be null in which case implementations should return false, as the null condition can be checked explicitly in the expression.
      permission - a representation of the DSpace action as supplied by the expression system. This corresponds to the DSpace action. Not null.
      Returns:
      true if the permission is granted by one of the plugins, false otherwise

    • hasPermission

      public boolean hasPermission(org.springframework.security.core.Authentication authentication, Serializable targetId, String targetType, Object permission)
      Description copied from interface: RestPermissionEvaluatorPlugin
      Check in the authenticated user (provided by the Authentication object) has the specified permission on the target object with the provided identifier.
      Specified by:
      hasPermission in interface RestPermissionEvaluatorPlugin
      Parameters:
      authentication - Authentication object providing user details of the authenticated user
      targetId - Unique identifier of the target object the user wants to view or manipulate
      targetType - Type of the target object the users wants to view or manipulate
      permission - Permission object that describes the action the user wants to perform on the target object
      Returns:
      true if the user is allowed to perform the action described by the permission. False otherwise.

    • hasPatchPermission

      public boolean hasPatchPermission(org.springframework.security.core.Authentication authentication, Serializable targetId, String targetType, Patch patch)
      Checks permissions for Patch requests. Override the default implementation in plugins that require this capability.
      Parameters:
      authentication - Authentication object providing user details of the authenticated user
      targetId - Unique identifier of the target object the user wants to view or manipulate
      targetType - Type of the target object the users wants to view or manipulate
      patch - The Patch instance
      Returns:
      true if the user is allowed to perform the action described by the permission. False otherwise

    • hasDSpacePermission

      public abstract boolean hasDSpacePermission(org.springframework.security.core.Authentication authentication, Serializable targetId, String targetType, DSpaceRestPermission restPermission)
      Plugins must implement this method to receive RestPermissionEvaluatorPlugin hasPermission requests.
      Parameters:
      authentication - Authentication object providing user details of the authenticated user
      targetId - Unique identifier of the target object the user wants to view or manipulate
      targetType - Type of the target object the users wants to view or manipulate
      restPermission - Permission object that describes the action the user wants to perform on the target object
      Returns:
      true if the user is allowed to perform the action described by the permission. False otherwise.