Package org.duracloud.security.vote

Class SpaceAccessVoter

  • All Implemented Interfaces:
    org.springframework.security.access.AccessDecisionVoter
    Direct Known Subclasses:
    SpaceReadAccessVoter, SpaceWriteAccessVoter
    public abstract class SpaceAccessVoter
extends Object
implements org.springframework.security.access.AccessDecisionVoter
    Author:
    Andrew Woods Date: Mar 19, 2010

    • Constructor Detail

      • SpaceAccessVoter

        public SpaceAccessVoter​(StorageProviderFactory storageProviderFactory,
                        org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

    • Method Detail

      • isOpenResource

        protected boolean isOpenResource​(javax.servlet.http.HttpServletRequest httpRequest)

      • getStoreId

        protected String getStoreId​(javax.servlet.http.HttpServletRequest httpRequest)

      • getSpaceId

        protected String getSpaceId​(javax.servlet.http.HttpServletRequest httpRequest)

      • extractSpaceId

        protected String extractSpaceId​(String pathInfo)

      • hasContentId

        protected boolean hasContentId​(javax.servlet.http.HttpServletRequest httpRequest)

      • getContentId

        protected String getContentId​(javax.servlet.http.HttpServletRequest httpRequest)

      • getSpaceACLs

        protected Map<String,​AclType> getSpaceACLs​(javax.servlet.http.HttpServletRequest request)
        This method returns the ACLs of the requested space, or an empty-map if there is an error or for certain 'keyword' spaces, or null if the space does not exist.
        Parameters:
        request - containing spaceId and storeId
        Returns:
        ACLs, empty-map, or null

      • getHttpVerb

        protected HttpVerb getHttpVerb​(javax.servlet.http.HttpServletRequest httpRequest)

      • getUserGroups

        protected List<String> getUserGroups​(org.springframework.security.core.Authentication auth)

      • isAdmin

        protected boolean isAdmin​(String name)

      • getHttpServletRequest

        protected javax.servlet.http.HttpServletRequest getHttpServletRequest​(Object resource)

      • supports

        public boolean supports​(org.springframework.security.access.ConfigAttribute configAttribute)
        This method always returns true because all configAttributes are able to be handled by this voter.
        Specified by:
        supports in interface org.springframework.security.access.AccessDecisionVoter
        Parameters:
        configAttribute - any att
        Returns:
        true

      • supports

        public boolean supports​(Class aClass)
        This methods returns true if the arg class is an instance of or subclass of FilterInvocation. No other classes can be handled by this voter.
        Specified by:
        supports in interface org.springframework.security.access.AccessDecisionVoter
        Parameters:
        aClass - to be analyized for an AuthZ vote.
        Returns:
        true if is an instance of or subclass of FilterInvocation

      • isSnapshotMetadataSpace

        protected boolean isSnapshotMetadataSpace​(javax.servlet.http.HttpServletRequest httpRequest)