| Modifier and Type | Method and Description |
|---|---|
static boolean |
PolicyHelper.isAuthorizedForActions(javax.servlet.http.HttpServletRequest req,
AuthorizationRequest... actions)
Are these actions authorized for the current user by the current
policies?
|
static boolean |
PolicyHelper.isAuthorizedForActions(javax.servlet.http.HttpServletRequest req,
String email,
String password,
AuthorizationRequest ar)
Is the email/password authorized for these actions? This should be used
when a controller or something needs allow actions if the user passes in
their email and password.
|
static boolean |
PolicyHelper.isAuthorizedForActions(IdentifierBundle ids,
PolicyIface policy,
AuthorizationRequest ar)
Are these actions authorized for these identifiers by these policies?
|
| Modifier and Type | Method and Description |
|---|---|
static boolean |
PolicyHelper.isAuthorizedForActions(javax.servlet.http.HttpServletRequest req,
Iterable<? extends AuthorizationRequest> actions)
Are these actions authorized for the current user by the current
policies?
|
| Modifier and Type | Class and Description |
|---|---|
class |
RequestedAction |
class |
SimpleRequestedAction
A RequestedAction that can be recognized by a SimplePermission.
|
| Modifier and Type | Field and Description |
|---|---|
static AuthorizationRequest |
AuthorizationRequest.AUTHORIZED |
static AuthorizationRequest |
AuthorizationRequest.UNAUTHORIZED |
| Modifier and Type | Method and Description |
|---|---|
AuthorizationRequest |
AuthorizationRequest.and(AuthorizationRequest that) |
static AuthorizationRequest |
AuthorizationRequest.andAll(AuthorizationRequest... ars) |
static AuthorizationRequest |
AuthorizationRequest.andAll(Iterable<? extends AuthorizationRequest> ars) |
AuthorizationRequest |
AuthorizationRequest.or(AuthorizationRequest that) |
| Modifier and Type | Method and Description |
|---|---|
AuthorizationRequest |
AuthorizationRequest.and(AuthorizationRequest that) |
static AuthorizationRequest |
AuthorizationRequest.andAll(AuthorizationRequest... ars) |
AuthorizationRequest |
AuthorizationRequest.or(AuthorizationRequest that) |
| Modifier and Type | Method and Description |
|---|---|
static AuthorizationRequest |
AuthorizationRequest.andAll(Iterable<? extends AuthorizationRequest> ars) |
| Modifier and Type | Class and Description |
|---|---|
class |
AddNewUser
Should we allow the user to create a user account?
|
class |
LoadOntology
Should we allow the user to load an ontology?
|
class |
RebuildTextIndex |
class |
RemoveUser
Should we allow the user to remove a user account
|
class |
ServerStatus
Should we allow the user to view information about the server status?
|
class |
UpdateTextIndex |
class |
UploadFile
Should we allow the user to upload a file?
|
| Modifier and Type | Class and Description |
|---|---|
class |
DisplayDataProperty
Should we allow the user to see this DataProperty?
|
class |
DisplayDataPropertyStatement
Should we let the user see this DataPropertyStatement?
|
class |
DisplayObjectProperty
Should we allow the user to see this ObjectProperty?
|
class |
DisplayObjectPropertyStatement
Should we let the user see this ObjectPropertyStatement?
|
| Modifier and Type | Class and Description |
|---|---|
class |
SingleParameterAction
A base class for actions that involve a single URI.
|
| Modifier and Type | Method and Description |
|---|---|
AuthorizationRequest |
RequiresActions.requiredActions(VitroRequest vreq)
Returns Actions that are required to be authorized for
the object to be used.
|
| Modifier and Type | Class and Description |
|---|---|
class |
CreateOwlClass
Should we allow the user to create a new class in the ontology?
|
class |
DefineDataProperty
Should we allow the user to define a data property in the ontology?
|
class |
DefineObjectProperty
Should we allow the user to define a new object property in the ontology?
|
class |
RemoveOwlClass
Should we allow the user to remove a class from the ontology?
|
| Modifier and Type | Class and Description |
|---|---|
class |
AbstractDataPropertyStatementAction
A base class for requested actions that involve adding, editing, or dropping
data property statements from a model.
|
class |
AbstractObjectPropertyStatementAction
A base class for requested actions that involve adding, editing, or deleting
object property statements from a model.
|
class |
AbstractPropertyStatementAction
A base class for requested actions that involve adding, editing, or deleting
statements from a model.
|
class |
AddDataPropertyStatement
Should we allow the user to add this DataPropertyStatement to this model?
|
class |
AddObjectPropertyStatement
Should we allow the user to add this ObjectPropertyStatement to this model?
|
class |
DropDataPropertyStatement
Should we allow the user to delete this DataPropertyStatement from this
model?
|
class |
DropObjectPropertyStatement
Should we allow the user to delete this ObjectPropertyStatement from this
model?
|
class |
EditDataPropertyStatement
Should we allow the user to edit this DataPropertyStatement in this model?
|
class |
EditObjectPropertyStatement
Should we allow the user to edit this ObjectPropertyStatement in this model?
|
| Modifier and Type | Class and Description |
|---|---|
class |
PublishDataProperty
Should we allow the user to publish this DataProperty in Linked Open Data?
|
class |
PublishDataPropertyStatement
Should we publish this DataPropertyStatement in a Linked Open Data request
from the current user?
|
class |
PublishObjectProperty
Should we allow the user to publish this ObjectProperty in Linked Open Data?
|
class |
PublishObjectPropertyStatement
Should we publish this ObjectPropertyStatement in a Linked Open Data request
from the current user?
|
| Modifier and Type | Class and Description |
|---|---|
class |
AbstractResourceAction
A common base class for resource-related actions.
|
class |
AddResource
Should we allow the user to add a Resource to the model?
|
class |
DropResource
Should we allow the user to delete a Resource from the model?
|
| Modifier and Type | Class and Description |
|---|---|
class |
ManageRootAccount
Should we allow the user to edit or delete the root account?
|
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
VitroHttpServlet.isAuthorizedToDisplayPage(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
AuthorizationRequest actions)
Don't display a page that the user isn't authorized to see.
|
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
UserAccountsAdminController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
UserAccountsAjaxController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
ManageProxiesController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
ManageProxiesAjaxController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
UserAccountsUserController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
StartupStatusController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowSourcesController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowConfiguration.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowAuthController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
RestrictLoginsController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
VitroAjaxController.requiredActions(VitroRequest vreq)
By default, a controller requires authorization for no actions.
|
protected AuthorizationRequest |
SparqlQueryAjaxController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
VitroApiServlet.confirmAuthorization(javax.servlet.http.HttpServletRequest req,
AuthorizationRequest requiredActions)
If they have not provided an email/password combo that will authorize
them for this action, throw an AuthException.
|
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
AdminLoginController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
ReorderController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
PrimitiveRdfEdit.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
PrimitiveDelete.requiredActions(VitroRequest vreq) |
| Modifier and Type | Field and Description |
|---|---|
static AuthorizationRequest |
RevisionInfoController.REQUIRED_ACTIONS |
static AuthorizationRequest |
BaseSiteAdminController.REQUIRED_ACTIONS |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
SimpleReasonerRecomputeController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowObjectPropertyHierarchyController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowDataPropertyHierarchyController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ShowClassHierarchyController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
RevisionInfoController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
PageController.requiredActions(VitroRequest vreq)
Get the required actions for all the data getters then
AND them together.
|
protected AuthorizationRequest |
ManageLabelsForIndividualController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListVClassWebappsController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListPropertyWebappsController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListPropertyGroupsController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListFauxPropertiesController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListDatatypePropertiesController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ListClassGroupsController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
ImageUploadController.requiredActions(VitroRequest vreq)
The required action depends on what we are trying to do.
|
protected AuthorizationRequest |
FreemarkerHttpServlet.requiredActions(VitroRequest vreq)
By default, a page requires authorization for no actions.
|
protected AuthorizationRequest |
FileUploadController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
DeletePropertyController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
DeleteIndividualController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
BaseSiteAdminController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
static void |
BaseSiteAdminController.registerSiteConfigData(String key,
String url,
UrlBuilder.ParamMap urlParams,
AuthorizationRequest permission) |
static void |
BaseSiteAdminController.registerSiteMaintenanceUrl(String key,
String url,
UrlBuilder.ParamMap urlParams,
AuthorizationRequest permission) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
ProcessRdfFormController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
PostEditCleanupController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
EditRequestDispatchController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
EditRequestAJAXController.requiredActions(VitroRequest vreq) |
| Modifier and Type | Method and Description |
|---|---|
protected AuthorizationRequest |
IndexController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
DataAutocompleteController.requiredActions(VitroRequest vreq) |
protected AuthorizationRequest |
AutocompleteController.requiredActions(VitroRequest vreq) |
Copyright © 2022. All rights reserved.