org.pentaho.platform.engine.security.acls.voter
Class PentahoUserOverridesVoter
java.lang.Object
org.pentaho.platform.engine.security.acls.voter.AbstractPentahoAclVoter
org.pentaho.platform.engine.security.acls.voter.PentahoBasicAclVoter
org.pentaho.platform.engine.security.acls.voter.PentahoUserOverridesVoter
- All Implemented Interfaces:
- IAclVoter, IPentahoInitializer
public class PentahoUserOverridesVoter
- extends PentahoBasicAclVoter
Extends the PentahoBasicAclVoter class, and overrides the getEffectiveAcls method
to stipulate that if the current user occurrs in the access control list, that
whatever access controls are listed for that user, those are the only ones returned.
For example, if the user (sally) belongs to the following roles:
And the object has the following defined access controls:
Role | Access |
dev | Execute |
sales | Execute and Subscribe |
sally | Nothing |
With the standard PentahoBasicAclVoter, sally would have Execute permissions on this
object because that voter will simply aggregate all applicable access controls. With this voter,
the returned access controls for sally will be PentahoAclEntry.NOTHING.
- Author:
- mbatchel
PentahoUserOverridesVoter
public PentahoUserOverridesVoter()
getEffectiveAcls
public AclEntry[] getEffectiveAcls(IPentahoSession session,
IAclHolder holder)
- Description copied from interface:
IAclVoter
- Returns an array of the authorities from the IAclHolder that apply to the
provided authentication object.
mlowery In practice this method does not do the same thing as EffectiveAclsResolver.
- Specified by:
getEffectiveAcls
in interface IAclVoter
- Overrides:
getEffectiveAcls
in class PentahoBasicAclVoter
- Returns:
- The array of authorities from the IAclHolder that apply to the
person in question