org.pentaho.platform.engine.security.acls.voter
Class PentahoBasicAclVoter
java.lang.Object
org.pentaho.platform.engine.security.acls.voter.AbstractPentahoAclVoter
org.pentaho.platform.engine.security.acls.voter.PentahoBasicAclVoter
- All Implemented Interfaces:
- IAclVoter, IPentahoInitializer
- Direct Known Subclasses:
- PentahoAllowAnonymousAclVoter, PentahoUserOverridesVoter
public class PentahoBasicAclVoter
- extends AbstractPentahoAclVoter
- implements IAclVoter
Standard basic ACL Voter. This voter simply aggregates all the applicable
access controls on an object when asked for the effective ACL.
For example, if the user (sally) belongs to the following roles:
And the object has the following defined access controls:
| Role | Access |
| dev | Execute |
| sales | Execute and Subscribe |
| sally | Nothing |
With voter, sally would have Execute permissions on this object because this voter
simply aggregates all applicable access controls.
- Author:
- mbatchel
- See Also:
PentahoUserOverridesVoter,
PentahoAllowAnonymousAclVoter
PentahoBasicAclVoter
public PentahoBasicAclVoter()
getAuthentication
public org.springframework.security.Authentication getAuthentication(IPentahoSession session)
- Specified by:
getAuthentication in class AbstractPentahoAclVoter
hasAccess
public boolean hasAccess(IPentahoSession session,
IAclHolder holder,
int mask)
- Description copied from interface:
IAclVoter
- Determines whether the user (auth) has the requested authority (mask)
based on the list of effective authorities from the holder.
- Specified by:
hasAccess in interface IAclVoter
- Returns:
- true if the user has the requested access.
getEffectiveAcls
public org.springframework.security.acl.AclEntry[] getEffectiveAcls(IPentahoSession session,
IAclHolder holder)
- Description copied from interface:
IAclVoter
- Returns an array of the authorities from the IAclHolder that apply to the
provided authentication object.
mlowery In practice this method does not do the same thing as EffectiveAclsResolver.
- Specified by:
getEffectiveAcls in interface IAclVoter
- Returns:
- The array of authorities from the IAclHolder that apply to the
person in question
getEffectiveAcl
public PentahoAclEntry getEffectiveAcl(IPentahoSession session,
IAclHolder holder)
- Description copied from interface:
IAclVoter
- This returns the effective ACL for the piece of content for the given
user. Ideally, this will look at all the effective ACLs returned for this
user for this piece of content, and return an ACL that encapsulates all
the users' access to that content. The returning PentahoAclEntry will
represent the ACL that the user has to the content.
This method should NEVER return
null. If the user has no
access to the object, it needs to return a PentahoAclEntry with
nothing (mask of 0).
- Specified by:
getEffectiveAcl in interface IAclVoter
- Returns:
- PentahoAclEntry holding the access to the object.