java.lang.Object

org.duracloud.security.vote.SpaceAccessVoter

org.duracloud.security.vote.SpaceReadAccessVoter

All Implemented Interfaces:: org.springframework.security.access.AccessDecisionVoter

public class SpaceReadAccessVoter extends SpaceAccessVoter

This class decides if a caller has READ access to a given resource. If the caller is seeking WRITE access to this resource, this class abstains from casting a vote.

Author:: Andrew Woods Date: 11/18/11

Field Summary

Fields inherited from interface org.springframework.security.access.AccessDecisionVoter
ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED
Constructor Summary

Constructors

Constructor

Description

SpaceReadAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

SpaceReadAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService, List<String> pathExemptions)
Method Summary

Modifier and Type

Method

Description

int

vote(org.springframework.security.core.Authentication auth, Object resource, Collection config)

This method checks the Access and ACL state of the arg resource (space and provider) and denies access to principals if they are anonymous and the space is CLOSED, or if they do not have a READ ACL for the space.

Methods inherited from class org.duracloud.security.vote.SpaceAccessVoter
extractSpaceId, getContentId, getHttpServletRequest, getHttpVerb, getSpaceACLs, getSpaceACLs, getSpaceId, getStorageProviderFactory, getStoreId, getUserGroups, groupsHaveReadAccess, groupsHaveWriteAccess, hasContentId, hasReadAccess, hasWriteAccess, isAdmin, isOpenResource, isSnapshotMetadataSpace, supports, supports

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- SpaceReadAccessVoter
  
  public SpaceReadAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
- SpaceReadAccessVoter
  
  public SpaceReadAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService, List<String> pathExemptions)
  
  Parameters:
  
  storageProviderFactory -
  
  userDetailsService -
  
  pathExemptions - A list of regular expressions designating path info strings allowable for users.
Method Details
- vote
  
  public int vote(org.springframework.security.core.Authentication auth, Object resource, Collection config)
  
  This method checks the Access and ACL state of the arg resource (space and provider) and denies access to principals if they are anonymous and the space is CLOSED, or if they do not have a READ ACL for the space.
  
  Parameters:
  
  auth - principal seeking AuthZ
  
  resource - that is under protection
  
  config - access-attributes defined on resource
  
  Returns:
  
  vote (AccessDecisionVoter.ACCESS_GRANTED, ACCESS_DENIED, ACCESS_ABSTAIN)

Class SpaceReadAccessVoter

Field Summary

Fields inherited from interface org.springframework.security.access.AccessDecisionVoter

Constructor Summary

Method Summary

Methods inherited from class org.duracloud.security.vote.SpaceAccessVoter

Methods inherited from class java.lang.Object

Constructor Details

SpaceReadAccessVoter

SpaceReadAccessVoter

Method Details

vote