Class PropertyRestrictionBeanImpl
- java.lang.Object
-
- edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBean
-
- edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBeanImpl
-
public class PropertyRestrictionBeanImpl extends PropertyRestrictionBean
On creation, populate a map of PropertyRestrictionLevels. When a change is detected, update the map accordingly. ------------------------------ How is authorization determined? Resources are easy. If they aren't in a prohibited namespace, or are an exception to the prohibition, they are accessible. Properties are harder. The prohibited namespace and exceptions still apply, but if we pass that test, then we check the threshold map. When a test is made, we look for thresholds in the map. First we look for the full key of domain-base-range, in case we are testing a faux property. Faux properties are recorded in the map with the full key. If we don't find the full key, then perhaps we are testing a faux property that has no settings, or perhaps we are testing an object property. We look for the partial key of null-base-null, which covers both of these cases, since object properties (and data properties) are recorded the map with a partial key. Similarly, if we find a null threshold value in the full key, we look back to the partial key for a threshold. If we find no non-null threshold value then the property is unrestricted for that feature. ----------------------------- It would perhaps be a silly optimization, but if we find a key with 3 null thresholds, we could remove it from the map without changing the behavior.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBean
PropertyRestrictionBean.Setup
-
-
Field Summary
-
Fields inherited from class edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBean
instance, PERMITTED_EXCEPTIONS, PROHIBITED_NAMESPACES
-
-
Constructor Summary
Constructors Constructor Description PropertyRestrictionBeanImpl(Collection<String> prohibitedNamespaces, Collection<String> permittedExceptions, ContextModelAccess models)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleancanDisplayPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)If display of a predicate is restricted, the user's role must be at least as high as the restriction level.booleancanDisplayResource(String resourceUri, BaseResourceBean.RoleLevel userRole)Any resource can be displayed.booleancanModifyPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)A predicate cannot be modified if its namespace is in the prohibited list (some exceptions are allowed).booleancanModifyResource(String resourceUri, BaseResourceBean.RoleLevel userRole)A resource cannot be modified if its namespace is in the prohibited list (but some exceptions are allowed).booleancanPublishPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)If publishing of a predicate is restricted, the user's role must be at least as high as the restriction level.booleancanPublishResource(String resourceUri, BaseResourceBean.RoleLevel userRole)Any resource can be published.StringtoString()voidupdateProperty(PropertyRestrictionLevels levels)The threshold values for this property may have changed.-
Methods inherited from class edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionBean
getBean
-
-
-
-
Constructor Detail
-
PropertyRestrictionBeanImpl
public PropertyRestrictionBeanImpl(Collection<String> prohibitedNamespaces, Collection<String> permittedExceptions, ContextModelAccess models)
-
-
Method Detail
-
canDisplayResource
public boolean canDisplayResource(String resourceUri, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanAny resource can be displayed. (Someday we may want to implement display restrictions based on VClass.)- Specified by:
canDisplayResourcein classPropertyRestrictionBean
-
canModifyResource
public boolean canModifyResource(String resourceUri, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanA resource cannot be modified if its namespace is in the prohibited list (but some exceptions are allowed). (Someday we may want to implement modify restrictions based on VClass.)- Specified by:
canModifyResourcein classPropertyRestrictionBean
-
canPublishResource
public boolean canPublishResource(String resourceUri, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanAny resource can be published. (Someday we may want to implement publish restrictions based on VClass.)- Specified by:
canPublishResourcein classPropertyRestrictionBean
-
canDisplayPredicate
public boolean canDisplayPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanIf display of a predicate is restricted, the user's role must be at least as high as the restriction level.- Specified by:
canDisplayPredicatein classPropertyRestrictionBean
-
canModifyPredicate
public boolean canModifyPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanA predicate cannot be modified if its namespace is in the prohibited list (some exceptions are allowed). If modification of a predicate is restricted, the user's role must be at least as high as the restriction level.- Specified by:
canModifyPredicatein classPropertyRestrictionBean
-
canPublishPredicate
public boolean canPublishPredicate(Property predicate, BaseResourceBean.RoleLevel userRole)
Description copied from class:PropertyRestrictionBeanIf publishing of a predicate is restricted, the user's role must be at least as high as the restriction level.- Specified by:
canPublishPredicatein classPropertyRestrictionBean
-
updateProperty
public void updateProperty(PropertyRestrictionLevels levels)
Description copied from class:PropertyRestrictionBeanThe threshold values for this property may have changed.- Specified by:
updatePropertyin classPropertyRestrictionBean
-
-