Package org.duracloud.security.vote
Class SpaceWriteAccessVoter
java.lang.Object
org.duracloud.security.vote.SpaceAccessVoter
org.duracloud.security.vote.SpaceWriteAccessVoter
- All Implemented Interfaces:
org.springframework.security.access.AccessDecisionVoter
This class decides if a caller has WRITE access to a given resource. If the
caller is seeking READ access to this resource, this class abstains from
casting a vote.
- Author:
- Andrew Woods Date: 11/18/11
-
Field Summary
Fields inherited from interface org.springframework.security.access.AccessDecisionVoter
ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED -
Constructor Summary
ConstructorsConstructorDescriptionSpaceWriteAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService) -
Method Summary
Modifier and TypeMethodDescriptionintvote(org.springframework.security.core.Authentication auth, Object resource, Collection config) This method checks the ACL state of the arg resource (space and provider) and denies access to principals if they are anonymous or if they do not have a WRITE ACL for the space.Methods inherited from class org.duracloud.security.vote.SpaceAccessVoter
extractSpaceId, getContentId, getHttpServletRequest, getHttpVerb, getSpaceACLs, getSpaceACLs, getSpaceId, getStorageProviderFactory, getStoreId, getUserGroups, groupsHaveReadAccess, groupsHaveWriteAccess, hasContentId, hasReadAccess, hasWriteAccess, isAdmin, isOpenResource, isSnapshotMetadataSpace, supports, supports
-
Constructor Details
-
SpaceWriteAccessVoter
public SpaceWriteAccessVoter(StorageProviderFactory storageProviderFactory, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
-
-
Method Details
-
vote
public int vote(org.springframework.security.core.Authentication auth, Object resource, Collection config) This method checks the ACL state of the arg resource (space and provider) and denies access to principals if they are anonymous or if they do not have a WRITE ACL for the space.- Parameters:
auth- principal seeking AuthZresource- that is under protectionconfig- access-attributes defined on resource- Returns:
- vote (AccessDecisionVoter.ACCESS_GRANTED, ACCESS_DENIED, ACCESS_ABSTAIN)
-