Package org.dspace.app.rest.authorization.impl

Class LoginOnBehalfOfFeature

java.lang.Object

org.dspace.app.rest.authorization.impl.LoginOnBehalfOfFeature

All Implemented Interfaces:

AuthorizationFeature

@Component
@AuthorizationFeatureDocumentation(name="loginOnBehalfOf",
                                   description="It can be used by administrators to login on behalf of a different user")
public class LoginOnBehalfOfFeature
extends Object
implements AuthorizationFeature

The LoginOnBehalfOf feature. It can be used by Administrators when the webui.user.assumelogin property is set to true to allow the admin to login as another user. Calling this with the Site URI will check if the current logged in user can use this feature without specifying a specific eperson. This will be the case if the logged in user is an Admin and if the webui.user.assumelogin is set to true Calling this with the EPerson URI will check if the current logged in user can perform the loginOnBehalfOf as the given user. This will then additionally check that the eperson given isn't the same as the logged in user and it'll also check that the eperson given isn't an admin

Field Summary

Fields

Modifier and Type	Field	Description
static final String	NAME

Constructor Summary

Constructors

Constructor	Description
LoginOnBehalfOfFeature()

Method Summary

Modifier and Type	Method	Description
String[]	getSupportedTypes()	Return the supported object type according to the RestAddressableModel.getUniqueType()
boolean	isAuthorized(Context context, BaseObjectRest object)	Check if the eperson in the provided context, or the anonymous user if not loggedin, has access to the feature for the requested object

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.dspace.app.rest.authorization.AuthorizationFeature

getDescription, getName

Field Details

NAME

public static final String NAME

See Also:

• Constant Field Values

Constructor Details

LoginOnBehalfOfFeature

public LoginOnBehalfOfFeature()

Method Details

isAuthorized

public boolean isAuthorized(Context context,
 BaseObjectRest object)
                     throws SQLException

Description copied from interface: AuthorizationFeature

Check if the eperson in the provided context, or the anonymous user if not loggedin, has access to the feature for the requested object

Specified by:

isAuthorized in interface AuthorizationFeature

Parameters:

context - the DSpace Context

object - the object target by the feature (MUST be NOT null). Use the SiteRest object for repository wide feature

Returns:

true if the user associated with the context has access to the feature for the specified object

Throws:

SQLException

getSupportedTypes

public String[] getSupportedTypes()

Description copied from interface: AuthorizationFeature

Return the supported object type according to the RestAddressableModel.getUniqueType()

Specified by:

getSupportedTypes in interface AuthorizationFeature

Returns:

the supported object type, required to be not null